jadahl / mod_restful

RESTful interface to ejabberd

Change policy from Deny to Allow if AllowedCommands option is not defined. #25

Closed emilianobonassi closed 9 years ago

emilianobonassi commented 9 years ago

The default behavior was to deny all commands if the AllowedCommands option wasn't defined. Now, if it is so, it accepts all and denies only if the option is defined and the command isn't in the list.

jadahl commented 9 years ago

The reason for defaulting to deny is for security reasons. I don't think it's reasonable to default to allow as it may give the administrator unexpected consequences. It could possibly be done by adding a parameter to the configuration which would allow all commands to be allowed.

emilianobonassi commented 9 years ago

@jadahl, I agree with you, your idea for the parameters is great, I will implement it. I also thought of a RestrictedCommands list option; it would contain a list of disallowed commands. What do you sincerely think about this idea?

jadahl commented 9 years ago

Sounds reasonable to me.

emilianobonassi commented 9 years ago

Thank you for your comment. I will implement it!
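
The policy the thread converges on (deny when nothing is configured, an explicit opt-in to allow everything, and a deny list that overrides both) could be sketched as below. This is an added example, not code from this pull request or from mod_restful; the module name and the option atoms `allowed_commands`, `allow_all_commands` and `restricted_commands` are assumptions made for illustration.

```erlang
-module(command_policy).
-export([is_allowed/2, demo/0]).

%% Decide whether Command may run, given a module option proplist.
%% The option atoms (allowed_commands, allow_all_commands,
%% restricted_commands) are assumed names for this example only.
is_allowed(Command, Opts) ->
    Restricted = proplists:get_value(restricted_commands, Opts, []),
    AllowAll   = proplists:get_value(allow_all_commands, Opts, false),
    Allowed    = proplists:get_value(allowed_commands, Opts, undefined),
    case member(Command, Restricted) of
        true  -> false;   % explicit deny always wins
        error -> false;   % malformed deny list: fail closed
        false -> permitted(Command, AllowAll, Allowed)
    end.

%% Allow-all must be the atom true; any other value is ignored.
permitted(_Command, true, _Allowed) -> true;   % administrator opted in
permitted(_Command, _, undefined)   -> false;  % nothing configured: deny
permitted(Command, _, Allowed)      -> member(Command, Allowed) =:= true.

%% lists:member/2 raises badarg on a non-list, so guard it.
member(Item, List) when is_list(List) -> lists:member(Item, List);
member(_Item, _NotAList)              -> error.

%% Constructed sample configurations, each checked for the command
%% 'register'. Returns a list of {Label, Decision} tuples.
demo() ->
    Cases = [{no_options, []},
             {allow_list, [{allowed_commands, [register, status]}]},
             {allow_all, [{allow_all_commands, true}]},
             {allow_all_but_restricted,
              [{allow_all_commands, true},
               {restricted_commands, [register]}]}],
    [{Label, is_allowed(register, Opts)} || {Label, Opts} <- Cases].
```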