http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5511 --- Comment #16 from Chris Cormack <chris@bigballofwax.co.nz> --- (In reply to Marc Véron from comment #15)
(In reply to Chris Cormack from comment #13)
This patch set adds a new syspref, which disables session restrict by IP, by default.
Which is dangerous, this should be a conscious decision made by someone knowing that they are reducing security.
Is still an issue, see "[Koha] IP Address Changed" on mailing list today.
Maybe we should think about sysprefs that are only avallable to the database user.
Marc
The problem is just that the patch sets the ip restriction off by default, instead of on by default, and having to make a decision to potentially reduce security. It would have been a simple change, but the patch author has left it to languish as Failed QA -- You are receiving this mail because: You are the QA Contact for the bug. You are watching all bug changes.