From: Colas N. <cna...@il...> - 2006-02-09 12:58:13
|
I known I am much too late on the subject but this option was so damn wrong that I didnt imagine it was still in Dakar, moreover enabled by default. Please remove it or at least make it disabled by default. NAT is becoming the norm today, e.g. already now any of the 700 ILOG employees going to TWiki.org will be logged under my name with my access rights. (NAT gives us all the same IP) This is already bad per se (my account shouldnt be so freely available), but it gives a very bad reputation to TWiki security as my ILOG colleagues report this to me "woa! I was loggued under your account! seems that TWiki is really bad security-wise" :-( -- Colas Nahaboo, Webcore, ILOG Sophia Antipolis, http://colas.nahaboo.net |