-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Jan 8, 2007, at 8:17 PM, Jim Lester wrote:
I understand that the identities issue is an issue with every
desktop client, and that RoundCube is suppose to be a desktop-esk
client in a browser. Still that being said, I would maintain that
Identities is a feature and it would be nice if admins had the
ability to turn that feature off. If I am alone on this then so be
it, I will just turn it off myself, o be the glory of open source.
But I still thought the point was valid to raise.Btw, Jason, I like your satire, good work.
I'm glad it came across as such. After I sent it I was hoping it
wouldn't come across completely snarky.
Honestly, it shouldn't be that hard to write a hook for a validation
plugin. In fact, if you did something like that in a generic enough
manner, then it could be tractable to implement whatever restrictions
you want. The down side to that is that you'd probably really need to
write your own module to do the validation for your site. Or maybe if
this were taken up by the developers it could be implemented a a
series of plugins ala pam.
Your best path forward today is to disable the feature if its a
concern. However, that doesn't eliminate the possibility of them
doing the same spoof with any other client, so really, its a stop gap
at best and futile at worst.
J.