Location /admin/conf
Michael Sweet
mike at easysw.com
Sun Dec 24 07:50:21 PST 2006
Opher Shachar wrote:
> ...
> In admin.tmpl the HREF attribute of edit-configuration-file button is
> set to "/admin?op=config-server" which under the default
> configuration does not require authentication. Is that by design?
Yes, you'll get the authentication challenge after you click on
the "save changes" button.
> To restrict access to root only I changed the above in admin.tmpl to
> "/admin/conf?op=config-server" and in edit-config.tmpl the form's
> ACTION to "/admin/conf". This works, the question is: Is that the
> right (safe) way?
It won't necessary continue working forever, but it is a way to
require authentication before you get to see the configuration file.
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Publishing Software http://www.easysw.com
More information about the cups
mailing list