Why is it an error to have both X-Content-Security-Policy and X-Content-Security-Policy-Report-Only ?
If both a X-Content-Security-Policy-Report-Only header and a
X-Content-Security-Policy header are present in the same response, a warning
is posted to the user agent's error console and any policy specified in
X-Content-Security-Policy-Report-Only is ignored. The policy specified in
X-Content-Security-Policy headers is enforced.
Why is this? This seems like an unnecessary burden which prevents groups
from tightening their security policies over time.
For example, here at Google, I'm interested in helping resol...Turbopower Async Pro is blocked by Policy Local Cmpuer Policy\Windws Settings\Security Settings\Local Policies\User Right Assignment
If computers have set "Load and unload device drivers" in this key to
Asministrators only, my program will not be able to connect an external
device if I use tApdDataPacket for communication, but if I use
tApdTerminal, everything works ok.
Has anyone any idea what device drivers may be involved here when adding
Users to the group, the program work properly ?
Must be something that is loaded by the packet component? Is this driver
something that could be preinstalled by installation program ?
Onthe other hand, is it normal to do this restriction in policy?
(the c...How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I
have learned how to protect my PC from the inside out. But what about
security risks to my info 'before' it gets to my computer? Like my mail
box on the server. Could someone hack into that and thumb through my
If so, how would I ever know?
(The short story)
We have a rogue employee at my work who one day decided to run the web
site, she got in tight with the ISP, got tools to set and delete
passwords on a protected directory on the server. Who knows if she has
telnet access to other things, li...GroupWise security
We have gw 6.5.1 and I have been asked to find some docs that describe how
GroupWise security works. Primary from an internal point a view as opposed
to sending stuff over the net.
I'm looking for details on communication between Clients, POA, MTAs and
It's pretty much all encrypted except for the last bit of plain text
files floating into the GWIA.
Dave Parkes [NSCS]
Occasionally resident at http://support-forums.novell.com/
"Dave Parkes" <Dave@Norgren.co.uk> wrote in...Groupwise Security
My mail server has both a public and private link. it is open to the
internet which poses a security threat. How can i secure the groupwise
mail server? thanks.
> My mail server has both a public and private link. it is open to the
> internet which poses a security threat. How can i secure the groupwise
> mail server?
Hmm. Do you *need* or *want* Groupwise to be accessible from the
Internet or not? If not, then the answer is, "with a firewall".
Novell Product Support Forum Sysop
No emails please!
We tried to add security on our groupwise server by adding the high
security using ssl on the post office. The problem hit when people
groupwise passwords different to their NDS passwords tried to log in
groupwise it came up with 'LDAP failure detected' Is there something
missing when trying to run ssl when authenticating through ldap ??
here's a couple of TIDs to get you started... i've had this problem,
have not answered it yet...
http://support.novell.com/cgi-bin/search/searchtid.cgi?/100...security too secure
Summary: security too secure
The security thing won't let me in this sight no matter how I accept,
confirm, get certificate, etc.
Browser Details: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9.1b4) Gecko/20090423 Firefox/3.5b4
From URL: http://hendrix.mozilla.org/
Note to readers: Hendrix gives no expectation of a response to this feedback
but if you wish to provide one you must BCC (not CC) the sender for them to
...when is secure, secure?
I wrote a custom authentication handler for PureFTPD, using a combination of
authentication methods, for about 4 different types of users.
So far, from testing it, it does look to work properly, and does it's job
pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and
use warnings, and the code returns no errors or warnings when run.
I am right to presume that this basically only really tells me the my syntax
and structure of the application is right? What's a good way to see whether
it is actually SECURE... There is a couple of lines of...security policy
We have zenworks 4.0.1 we are trying to push down a group policy with
Everything is pushed down to the workstation except the security settings...
Is this a known problem or are we doing something wrong?
If the last how should we push these settings?
> We have zenworks 4.0.1 we are trying to push down a group policy with
> security settings.
> Everything is pushed down to the workstation except the security
There have been a few issue, but most or all have been resolved with the
later patches like Ir4 or ...Security on Groupwise..
I am fed up of our support people changing the security on the POA to low
and leaving it without changing it to "High". Is there any way I can check
who has done this change ? the loggin on the POA set to Verbose. Or is
there are way to lock this, so that only certain people can change it ?
Many Thanks for any help.
Michael J. Bell
Novell Support Connection Volunteer Sysop
Author of Guinevere (http://www.openhandhome.com)
PLEASE: Do not e-mail me privately unless specifically asked.
I'm a volunteer, not a Novell ...Security Exception; The application attempted to perform an operation not allowed by the security policy...
I have published a website in my local machine and I also run IIS on it but when I try to run Start Without Debugging I get the Security Exception message;
Server Error in '/' Application.
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.A...superreview requested: [Bug 221428] Define security policy for stylesheets [was: Security check for same-origin access mistreats data: URIs]
Boris Zbarsky <email@example.com> has asked Jonas Sicking <firstname.lastname@example.org> for
Bug 221428: Define security policy for stylesheets [was: Security check for
same-origin access mistreats data: URIs]
Attachment 256892: Ready for review
------- Additional Comments from Boris Zbarsky <email@example.com>
Again, first-come, first-served. ;)
Summary of changes:
- Add a principal to style sheet inners
- Make stylesheets always have inn...superreview granted: [Bug 221428] [FIX] Define security policy for stylesheets [was: Security check for same-origin access mistreats data: URIs]
Peter Van der Beken <firstname.lastname@example.org> has granted Boris Zbarsky
<email@example.com>'s request for superreview:
Bug 221428: [FIX]Define security policy for stylesheets [was: Security check
for same-origin access mistreats data: URIs]
Attachment 256892: Ready for review
------- Additional Comments from Peter Van der Beken <firstname.lastname@example.org>
Yeah, I can do r+sr.
...Runtime Security Policy
I have a winform to activex project.Everything works great except that I need to have the .net 2.0 - My Computer - Runtime Security Policy - Machine - Code Groups - All_Code permissions set to FullTrust.
Now, over the intranet is fine but when we release it live, this will pose a problem as i cant have my clients going in and changing policy permissions.
The framework allows you to export security settings into an MSI, which i think is a great feature. So i guess my question is, how would i determine if a user has set these permissions to FullTrust before displaying my page. An...