>>>>> "DS" == Dave Shield writes:

DS> We'll need to tread carefully, though. There will be
DS> hundreds of existing installations that are working quite
DS> happily, and we'll need to ensure that a default config
DS> continues to send traps.

DS> (I realise that such an approach is an anathema to security
DS> experts, but said security experts don't typically maintain the
DS> users list! ;-) )

Actually, not necessarily... The point is that you don't do something
the user's didn't expect. I'm quite sure when a user says "create a
trap sink with community XXX" it would expect those to be authorized
to go out.

(what is wrong, is that we allow incoming MIB SET requests configure a
system that allows traps to go out without checking the authorization
to do so).

--
Wes Hardaker
Sparta, Inc.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders