[Koha-bugs] [Bug 5511] Check for Change in Remote IP address for Session Security. Disable when remote ip address changes frequently.
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Nov 24 08:31:45 CET 2014
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5511
Marc Véron <veron at veron.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |veron at veron.ch
--- Comment #15 from Marc Véron <veron at veron.ch> ---
(In reply to Chris Cormack from comment #13)
> This patch set adds a new syspref, which disables session restrict by IP, by
> default.
>
> Which is dangerous, this should be a conscious decision made by someone
> knowing that they are reducing security.
Is still an issue, see "[Koha] IP Address Changed" on mailing list today.
Maybe we should think about sysprefs that are only avallable to the database
user.
Marc
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list