User Authentication Setup

David Lloyd lloy0076 at
Tue Jul 10 22:14:52 PDT 2001

Hi There!

I've managed to get Freeside running, however I have an issue:

If I have an agent "basic agent", how does one stop "basic agent" from
fiddling with the administration settings?

- running a separate page without those settings on doesn't seem secure
enough to me
  (i.e. I could authenticate as the real user, setup a trojan freeside
on my own web servers and so on...)

- specifically, it looks as though once a user is authenticated they
have full administration rights; a clerk at the desk, for example, could
invent an unlimited download plan with no costs with the click of a few

"The greatest thing you'll ever learn is
  just to love and to be loved in return."
  - David Bowie (Nature Boy from Moulin Rouge)

More information about the freeside-users mailing list