I've recently made an update to the processing of the access control
directives, to support setting an explicit context (or context
prefix). This has always been available via "access" (and
"authaccess"), but I wanted to add similar functionality to the
convenience routines (authcommunity, authuser, etc).

It turns out that this change has also affected the default behaviour
slightly. Up to now, these convenience directives have registered an
entry in the vacmAccessTable with a prefix context match on "" - thus
matching *ALL* contexts by default. Following my latest patches, the
same directive would now register an *exact* context match on "" -
thus applying to the default context only.

I'm inclined to leave things as they stand - this feels a more secure
arrangement, and is probably in line with default expectations. But
it does result in a minor change in behaviour, so I wouldn't object if
the consensus was to switch back to the previous, more open
configuration.

Comments?

Dave

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders