You have me in a catch22. If I give out the keys I breech security, otherwise I can not open a ticket. I will disable the feature. Demanding the keys to a domain just to open a ticket is asking to much. Regardless if you can not duplicate this locally.
I am sure someone else will run into this. I have two clean boards, one on UNIX using sendmail and one on NT using SMTP. Both boards have this problem.
How would you address the intranet? It has no public interface, are customers with boards on intranets banned from opening tickets?
Dyno - I don't see where giving the login info is a security breach. Infopop is a very ethical company when it comes to customers. Charles Capps has worked on my boards a few times, without incident. Also, if you are so concerned about giving out the domain password, why not change it before you give it to them, then change it back.
Sometimes, finding a bug means seeing the environment where the bug was first reported.
I'm not sure how they would handle intranet servers. There is the possibility of remote controlling an internal workstation, or dialing in to the intranet via RAS or VPN
Not just my web space, there are several users. If my entire BBS was down or something more drastic I may jump though some security hoops to enable Infopop ftp access.
By no means is my reluctance aimed at Charles Capp. Quite the contrary, I respect his cgi prowness and him as a professional. However, I do not think one should be expected to give up the keys to their domain just to open a ticket. Admin access to the control panel I can accept. But not FTP. Also there is nothing on the page you open the ticket where Infopop gives any garantee to the save keeping of the infomation.
Also I am not just giving this info to Mr. Capp I am giving it, well besides Infopop, I have no real assurance who or where it is going to.
If that was the case, then why is there over 300,000 UBB's in existance. If they did anything with the info you provide them, then explain why so many customers.
Dyno, I'm trying to understand why you are reluctant to give FTP access to look at a problem. I could understand your feelings if it was me or another user requesting access.
Ultimately, I posted a remark earlier in the thread that you should consider - If you are so concerned about the security being compromised, then change the password after the support ticket.
I'm a system administrator, so I know what's it's like to be concerned about security. The only person, besides my boss, I would give the master account information to the server would be my ibm Customer Engineer.
If you will not open a ticket, I can not investigate the circumstances that are causing the problem.
If I can not investigate the circumstances that are causing the problem, I can not fix the problem.
Tickets are entered over an SSL connection - there is no chance of someone hijacking your login information, if that is a concern.
We can even call you to get the login information, and keep it totally out of the system, if you'd prefer. Normally we don't do this - but if this is a bug, then I want it fixed. We're already going to have to do a 6.3.1.2, so if there's anything else that needs fixing, we need to know now.
If you still refuse to open a ticket, then I'll have no choice but to call this NOTABUG, unless anyone else can repliate the problem.
-- Charles Capps UBB.classic™ Developer Having problems? Open up a support ticket!
I am having this exact same problem on 6.3.1.1. I will not give out our server info on the ticket form. If someone from Infopop wants to work this, I would be willing to do it over the phone so email me.
Posting the exact fix here would be preferred (I am a Perl novice so I I can only type what I'm told to type.) <img src="https://www.ubbcentral.com/boards/images/graemlins/wink.gif" alt="" />
I find it curious that people don't trust a SSL-protected form, while they do freely give out information over the phone. <img src="https://www.ubbcentral.com/boards/images/graemlins/confused.gif" alt="" />
The fix, for the time being:
public_show_email.pl line 95 is: <input type="hidden" name="un" value="$in{ToWhom}" />
Change name="un" to name="ToWhom"
A more comprehensive fix will be in 6.4.
-- Charles Capps UBB.classic™ Developer Having problems? Open up a support ticket!