Magnus Fromreide <ma...@lysator.liu.se> writes: > I suppose the default value of the access control is "auth", the man > page didn't say what the effects of that was? > > I think this is a bad idea as a default since that works against the > "secure by default" ideal - if someone want to loosen restrictions > then they should have to ask for that. > > Now, I do appreciate that changing this might break the setup for some > people but on the other hand it probably will close unintended holes > for others.
I'd push back rather hard against breaking existing implementations by changing the default. As mentioned in the other thread, at the time that code was put into place the only encryption was DES and because the U.S. was still pushing hard against export controls of even prototcols like DES, the general consensus of the SNMPv3 world was encryption was a "nice" but may not be available everywhere. If we want to change the default behavior, I'd suggest we instead create a new token and push that out to all documentation and examples rather than causing a version update to suddenly make everyone's existing deployments stop working. -- Wes Hardaker Please mail all replies to net-snmp-coders@lists.sourceforge.net _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders