[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re: NeoMail 1.25

Subject: Re: [cobalt-users] Re: NeoMail 1.25
From: Revd leonard payne <vicarage@xxxxxxxxxxxxxx>
Date: Fri Sep 21 06:55:32 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

on 21/9/01 1:44 PM, Joe Boise at my_hidden_email@xxxxxxxxx mumbled something
like:

> I just installed the NeoMail 1.25 and was testing
> the program and found what I think is a bug.
> John Doe who runs www.site1.com can login via
> another site on the same server (for example
> www.site2.com/neomail/).  Then John enters his
> username/password combo (for site1) and he is
> granted access even though he is not associated
> with www.site2.com.  It looks like John can now
> send messages as john@xxxxxxxxxx
> 
> This seems this might be a security issues to me?
> 
> Anyone else notice this?



This is not a bug it is a feature.

According to the gospel according to Cobalt, you can only use the same user
once per box - rather than once per virtual site. Therefore logging on via
another site would work. It still hits the same POP engine it seems to me (a
linux novice)

I reckon the same would happen if you used a regular POP client.
Give it a try and post again - or shoot me down .


Blessings

Revd Leonard

Follow-Ups:
- Re: [cobalt-users] Re: NeoMail 1.25
  - From: baltimoremd
- [cobalt-users] Problems when running locate
  - From: First Hosting
- Re: [cobalt-users] Re: NeoMail 1.25
  - From: David Thurman

References:
- [cobalt-users] Re: NeoMail 1.25
  - From: Joe Boise

Prev by Date: [cobalt-users] Webpage gone!
Next by Date: Re: [cobalt-users] NIMDA Worm
Previous by thread: [cobalt-users] Re: NeoMail 1.25
Next by thread: Re: [cobalt-users] Re: NeoMail 1.25

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index