19 Apr
2000
19 Apr
'00
11:43 a.m.
On Wed, Apr 19, 2000 at 07:34:28AM -0400, srl wrote:
Now, the fact that we can add /manage to any URL to edit the data seems like a potential security hole. all it would take to crack a Zope password would be running a password guesser with user 'superuser'. Or am I missing something here?
Yes. If you are security-conscious you change the superuser account name and choose a very hard to guess password. -Petru