Bug 68935 - RFE: Option to require ssl conections
RFE: Option to require ssl conections
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: squirrelmail (Show other bugs)
9
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Gary Benson
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-07-16 06:56 EDT by Gerald Teschl
Modified: 2007-04-18 12:44 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-01-08 05:57:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to squirrelmail (1.92 KB, patch)
2002-07-16 06:56 EDT, Gerald Teschl
no flags Details | Diff

  None (edit)
Description Gerald Teschl 2002-07-16 06:56:11 EDT
After installing the squirrelmail package a user will be able to login via

http://host.domain.com/webmail/

and

https://host.domain.com/webmail/

However, since the first version will transmitt the password in plain, I don't
want this. Hence I wrote a small patch which will automatically redirect
a user from http to https if the admin enables this option.
Comment 1 Gerald Teschl 2002-07-16 06:56:53 EDT
Created attachment 65525 [details]
patch to squirrelmail
Comment 2 Gary Benson 2002-07-16 07:36:40 EDT
This looks like a good idea, however it is probably for the best if you submit
this patch directly to the SquirrelMail developers and let them integrate it
upstream.  Their development list is at:

http://lists.sourceforge.net/mailman/listinfo/squirrelmail-devel

Thanks, Gary
Comment 3 Gerald Teschl 2002-10-11 16:55:41 EDT
There is a plugin for this

http://www.squirrelmail.org/plugin_view.php?id=61

Please add this - proably as an extra package. Thanks.
Comment 4 Gerald Teschl 2003-04-07 16:10:54 EDT
I *really* feel you should add this plugin as a minimum. Maybe this should
even be the default. What sense does it make to disable telnet,pop,etc !?

Note You need to log in before you can comment on or make changes to this bug.