>>>>> "DS" == Dave Shield <[EMAIL PROTECTED]> writes:
DS> I'm inclined to leave things as they stand - this feels a more secure DS> arrangement, and is probably in line with default expectations. But DS> it does result in a minor change in behaviour, so I wouldn't object if DS> the consensus was to switch back to the previous, more open DS> configuration. [same text posted to a different note, but I'll repeat it in the proper thread... In short I'm against the functionality change as I don't see a reason for it. It doesn't buy you any more security; the introduction of the ability does, but not the modification of the default as long as it's documented.] I actually think it should authorize all by default. That's what it's done before and it's a behavior change. Had it been a bad thing, I'd of course say otherwise. But I think the default user case will be to authorize access to all contexts. The rouser, etc, cases are already convenience wrappers likely to be used by people authorizing a user to access to almost everything. Contexts also have not been a common way to separate different security data areas. The *ability* to limit to a context is certainly important, but I don't think it needs to limit to just "" by default. Assuming that's what's going on, because I'm speaking without having read the code of course. -- Wes Hardaker Sparta, Inc. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
