Based on knowledge (as documented in the manual) about some of the security implications of the QuickConnect module, and a recent conversation on the mailing list, it seems like it would be good to add an option or two to the QuickConnect authentication module that allows the server administrator to control which connection parameters can be used when creating connections and which ones will be vetoed or ignored. I'm thinking that two options could be implemented:
The logic would be as follows:
- If quickconnect-allowed-parameters is set, ONLY the parameters specified in that option will be allowed, and ALL others will be discarded.
- If quickconnect-denied-parameters is set, the parameters specified in that option will be discarded, and ALL others will be allowed.
- If both are set (which shouldn't happen under normal circumstances), the parameters set in quickconnect-allowed-parameters will be allowed, unless they also occur in quickconnect-denied-parameters, in which case they will be discarded along with anything else not set in quickconnect-allowed-parameters.