Louis created PLUTO-782:
---------------------------
Summary: Passwords on tomcat manager
Key: PLUTO-782
URL: https://issues.apache.org/jira/browse/PLUTO-782
Project: Pluto
Issue Type: Bug
Affects Versions: 3.1.0
Reporter: Louis
Assignee: Neil Griffin
Hi,
I just downloaded your software and saw that the passwords used to protect the
local tomcat users are very predictable. It would be better to disable those
accounts as they basically allow anyone to get command execution on the
underlying server.
People in charge can then add those accounts based on their requirements.
Regards,
Louis
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
