Closed emilianobonassi closed 9 years ago
The reason for defaulting to deny is for security reasons. I don't think its reasonable to default to allow as it may give the administrator unexpected consequences. It could possible done by adding a parameter to the configuration which would allow all commands to be allowed.
@jadahl , I agree with you, your idea for the parameters is great, I will implement it. I also thought to a RestrictedCommands list option , it would contain a list of disallowed commands. What do you sincerely think about this idea?
Sounds reasonable to me.
Thank you for your comment. I will implement it!
The default behavior was to deny all commands if AllowedCommands option wasn't defined. Now if it so, it accepts all and deny only if the option is defined and the command isn't in the list.