Rocksolid Light

Welcome to RetroBBS

mail  files  register  nodelist  faq  

Confidence is the feeling you have before you understand the situation.


rocksolid / Rocksolid Nodes Announce / Re: Change of session management on def3

SubjectAuthor
* Change of session management on def3trw
`- Re: Change of session management on def3trw

1
Subject: Change of session management on def3
From: trw
Newsgroups: rocksolid.nodes.announce
Organization: Dancing elephants
Date: Sat, 14 Sep 2019 22:52 UTC
Path: i2pn2.org!rocksolid2!def2!.POSTED.rocksolid2!not-for-mail
From: trw@i2pmail.org (trw)
Newsgroups: rocksolid.nodes.announce
Subject: Change of session management on def3
Date: Sat, 14 Sep 2019 18:52:01 -0400
Organization: Dancing elephants
Lines: 11
Message-ID: <qljqu0$ft7$1@def2.org>
Reply-To: trw <trw@i2pmail.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 14 Sep 2019 22:51:44 -0000 (UTC)
Injection-Info: def2.org; posting-host="rocksolid2:192.168.1.189";
logging-data="16295"; mail-complaints-to="usenet@def2.org"
User-Agent: FUDforum 3.0.7
X-FUDforum: 0374ec857381230fa83049643ce3cdee <10136>
View all headers
As of today, the session management on def3 will no longer work with cookies, but by URL session only. This is an attempt to make the forum software fit to be used on tor as well.
As a result. the session token in the querystring (&S=....) is your only identifier for any session. If you give the
session token away, an attacker could log in to your account with it, so keep it to yourself.
To minimize the risk, sessions are ended after 2 min of idleness, so if you need a lot of time for writing a message,
you might be locked out during that time.
This is not comfortable, but the price for (some) security.
This behavior might be improved later.

cheers

trw
Posted on: def3.i2p


Subject: Re: Change of session management on def3
From: trw
Newsgroups: rocksolid.nodes.announce
Organization: Dancing elephants
Date: Sun, 15 Sep 2019 20:54 UTC
References: 1
Path: i2pn2.org!rocksolid2!def2!.POSTED.rocksolid2!not-for-mail
From: trw@i2pmail.org (trw)
Newsgroups: rocksolid.nodes.announce
Subject: Re: Change of session management on def3
Date: Sun, 15 Sep 2019 16:54:49 -0400
Organization: Dancing elephants
Lines: 0
Message-ID: <qlm8eb$n4m$1@def2.org>
References: <qljqu0$ft7$1@def2.org>
Reply-To: trw <trw@i2pmail.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 15 Sep 2019 20:54:35 -0000 (UTC)
Injection-Info: def2.org; posting-host="rocksolid2:192.168.1.189";
logging-data="23702"; mail-complaints-to="usenet@def2.org"
User-Agent: FUDforum 3.0.7
X-FUDforum: 0374ec857381230fa83049643ce3cdee <10139>
View all headers
Put the interval to 5 min, 2 min is too restraining.
Posted on: def3.i2p


1
rocksolid light 0.7.0
clearneti2ptor