Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 11-15-2024, 07:24 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / General discussion v / [split] Security Problem detected

Post Reply 
[split] Security Problem detected
Author Message
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #21
RE: Security Problem detected
RatS Wrote:the main problem ATM is that the dns-entry is added on installing domain.

more specific: "domain alias". Only resellers can add "a domain" (with a new user). But the user can add domain aliases which also create dns zones.

You cannot trust the enduser, you should be able to trust the reseller (is the reseller able to find out if a new domain is a valid one or not...).
A view to the registrar of the new domain would give some answers.
A domain alias should be approved by the reseller.

RatS Wrote:There are no further nameserver needed - we have to redesign this.

The dns is very important. Adding an email account to a "domain alias" is the next of the two steps to hijack mails. But if domain aliases are controled then this is also under control.

/J
09-02-2007 11:19 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication