On Mon, Jan 07, 2019 at 11:16:02PM -0800, Wes Hardaker via Net-snmp-coders 
wrote:
> Madhusudhana R <madhusudhan...@in.abb.com> writes:
> 
> > With Netsnmp v5.8  upgraded to my project (which was already working with 
> > v5.7.3), I am finding one
> > problem which is as described below.
> > 
> > An user is created in agent (which is netsnmp v5.8)
> 
> How did you configure the access control of the agent?  Specifically, if
> you have a line like "rwuser NAME" in it, you MUST change it to "rwuser
> NAME priv" to force encryption-only traffic.  Otherwise the agent will
> answer with both encrypted and unencrypted requests (but still
> authenticated).

I suppose the default value of the access control is "auth", the man
page didn't say what the effects of that was?

I think this is a bad idea as a default since that works against the
"secure by default" ideal - if someone want to loosen restrictions
then they should have to ask for that.

Now, I do appreciate that changing this might break the setup for some
people but on the other hand it probably will close unintended holes
for others.

/MF


_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to