Hi,
I was sure I had answered, obviously I was wrong. Sorry for the delay then.
I'd say that you spotted a minor bug, that allows to define a configuration that basically rejects all the clients by distributing broken signatures to them. A sysadmin would immediately understand that his system is totally broken, so I believe that the exploitability of such a wrong combination is insignificant. Moreover the bug does not prevent any kind of correct usage/config of the framework.
I will fix it in the next week or so
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/xrootd/xrootd","title":"xrootd/xrootd","subtitle":"GitHub repository","main_image_url":"https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open in GitHub","url":"https://github.com/xrootd/xrootd"}},"updates":{"snippets":[{"icon":"PERSON","message":"@ffurano in #567: Hi,\r\nI was sure I had answered, obviously I was wrong. Sorry for the delay then.\r\n\r\nI'd say that you spotted a minor bug, that allows to define a configuration that basically rejects all the clients by distributing broken signatures to them. A sysadmin would immediately understand that his system is totally broken, so I believe that the exploitability of such a wrong combination is insignificant. Moreover the bug does not prevent any kind of correct usage/config of the framework.\r\n\r\nI will fix it in the next week or so\r\n\r\n"}],"action":{"name":"View Issue","url":"https://github.com/xrootd/xrootd/issues/567#issuecomment-323755999"}}}
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1