Hi Chris,
You can sort the security issue by require the user to delete the install
script after they complete the install. and making it so the application
can't be accessed until this is done.
On Tue, Jul 17, 2012 at 3:42 PM, Chris Travers <[email protected]>wrote:
>
>
> On Mon, Jul 16, 2012 at 8:12 PM, Jason Thomas <[email protected]> wrote:
>
>> Hi all,
>>
>> A while back you where talking about working on the installation of
>> ledger-smb, below is a link to an open source crm which I feel has a very
>> easy installation. Basically untar and point your browser to the conf
>> script. which then checks dependencies etc.
>>
>> What do people think of this method.
>>
>>
>> http://support.sugarcrm.com/02_Documentation/01_Sugar_Editions/05_Sugar_Community_Edition/Sugar_Community_Edition_6.5/Sugar_Community_Edition_Installation_Guide_6.5.0
>>
>> First I have no problem with providing a number of installation methods,
> and some people may prefer a less secure set-up. I would prefer not to get
> to the point where we are openly advocating writing config files from the
> web server though, but having it as an option would be a good thing,
> especially if we can say "there's the simple way to install and the secure
> way to install."
>
> So with that in mind, here's my thinking:
>
> 1) we'd probably want any configuration writing classes to be broken off
> into modules distinct from any interface. With our current config handling
> for 1.4, this is a lot easier (the CPAN modules we use in 1.4 for reading
> the config support both reading and writing configuration information).
> So we already kind of have that, so the question then becomes just how we
> wrap this in the application.
>
> 2) If we have the mechanism down, then it becomes possible to write
> various tools to create or manipulate the the ledgersmb.conf. There could
> be an interactive command line tool, for example (Havard has suggested
> something like this in the past). If folks want a web-based tool, this
> could then be done. A command-line interactive script could be done.
> There are lots of options available at that point.
>
> Hope this helps,
> Chris Travers
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Ledger-smb-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
>
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Ledger-smb-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
