> My apologies. This option is only available to host admins with > system admin rights, not just host admins. But, that isn't to say > that you couldn't edit 'usradmin.html' and 'disabledlist.html' to > remove the 'only display these options to system administrators' > features.
Yet by this you imply that the access level is not validated by the CGI. Though I'd think this is something that would have been discovered at some point in the past, it would be disturbing to find to one could simply craft a form post to raise their access level. Perhaps this is only true of some functions? Anyone feel like testing? Seems the better answer would've been "Can't be done." :) --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
