This should be fixed in core. A developer who actually needed the password would be able to get it easily enough. We developers are often rushed and do occasionally make stupid mistakes but a simple mistake should not reveal passwords. Great and effective effort has been put into the code to make it easy to deploy a secure application. The same care and effort should insure that simple mistakes by a developer do not break the secure application.
Gary -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php