> > > MediNet's Visual Basic (MS) desktop client > > > - optionally runs in unattended mode > > > - is configured by Medinet to hold the account id(s) for the > > > mailbox(es) [directories] that are to be queried > > > - runs an interactive session via ssh > Fair enough. > > > - ssh connects to MediNet "frontend" server (outside firewall) > > > - client (??) "calls"(??) > How? Well, connecting with ssh gives you a shell. Then just locally run a shell script on the remote machine. That in turn fetches, pushes and cleans up.
> > > Manual customer-initiated sftp connections would be a confidentiality > > > problem because sftp daemons are (apparently) not very good about > > > restricting navigation across directories. Userid/pw credentials are > > > not mapped/mappable to individual mailbox directory levels, ergo if a > > > person connected *manually* there would be nothing to stop them > > > browsing other directories > There relying on their remote client to restrict itself to the correct > directories? > That's insane. It surely is. I wonder how millions of FTP sites (let alone sftp ones) are restricting their users to directories they want them to be able to see. Admittedly, FTP servers are a known culprit for hacks. Carefully paying heed to patching known issues should get around that, though. Nonetheless the above is doable with Linux by a competent admin. Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 _______________________________________________ Gnumed-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnumed-devel
