http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14564
--- Comment #6 from Robin Sheat <[email protected]> --- (In reply to Mirko Tietgen from comment #5) > I think there is rarely use for a hosting client to download the > configuration, you can't just use it on a different server. > > On the other hand, it requires > <backup_conf_via_tools>1</backup_conf_via_tools> in the config and is not > available by default, so I'd say it is protected more than usual. There may > be use cases for it. Yeah, I think you're right. My thinking is that we shouldn't open up the permissions by default though as they do contain things that we'd not like people to see. On the other hand, if they get to a point where they can download that file, we probably have bigger problems anyway. But it still could contain SSL keys that they wouldn't otherwise have permissions to get. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
