I am being able to generate a notification on behalf of an user that
don't even have a VACM entry. I think the checking is not implemented or
is not working properly. I looked at the code and I could not find any
part where the checking was being performed. Any clue?


> -----Original Message-----
> From: dave.shield@googlemail.com
> [mailto:dave.shield@googlemail.com] On Behalf Of Dave Shield
> Sent: Monday, April 02, 2007 12:31 PM
> To: Passera Pablo-APP015; Wes Hardaker
> Cc: net-snmp-coders@lists.sourceforge.net
> Subject: Re: vacm notification access
> On 30/03/07, Wes Hardaker wrote:
> > >>>>> "PP" == Passera Pablo-APP writes:

> >
> > PP> I have a question related to how VACM is implemented in

> the agent.
> > PP> Is the notify-view parameter in the access token being

> used when
> > PP> the agent generates a notification?
> >
> > It should be, yes.

> According to the RFC specs, it should be, yes.
> But in practice, I'm not convinced.
> If you set up a very basic snmpd.conf access configuration
> (with a single "rocommunity" line and nothing else), then
> walking the vacmAccessTable will show a value of 'none'
> for the notifyGroupName.
> But the agent will still generate traps quite happily.
> Dave

Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
Net-snmp-coders mailing list