Now, the fact that we can add /manage to any URL to edit the data seems like a potential security hole. all it would take to crack a Zope password would be running a password guesser with user 'superuser'. Or am I missing something here? srl On Tue, 18 Apr 2000, J. Atwood wrote:
http://www.oswg.org:8080/oswg/manage
That is always a good test..
It is.. Squishdot.
J
From: srl <slandrum@turing.csc.smith.edu> Date: Tue, 18 Apr 2000 17:22:35 -0400 (EDT) To: zope@zope.org Subject: [Zope] www.oswg.org runs Zope?
www.oswg.org
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Shane Renee Landrum slandrum<@>cs.smith.edu ----"Some people enjoy the corporate life. Then again, some people enjoy nipple clamps." --- seen on an ad