So, did you know that by default Zope stores a copy of every user's
username and password in your ZODB, in plain text, on every login that
uses forms and sessions (rather than HTTP basic auth)?
Look for them in /++etc++site/default/PersistentSessionDataContainer,
inside the numerous
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marius Gedminas wrote:
So, did you know that by default Zope stores a copy of every user's
username and password in your ZODB, in plain text, on every login that
uses forms and sessions (rather than HTTP basic auth)?
By Zope you mean Zope 3, ZTK,
On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
Marius Gedminas wrote:
So, did you know that by default Zope stores a copy of every user's
username and password in your ZODB, in plain text, on every login that
uses forms and sessions (rather than HTTP basic auth)?
By Zope
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:58 PM, Marius Gedminas wrote:
On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
Marius Gedminas wrote:
So, did you know that by default Zope stores a copy of every user's
username and password in your ZODB, in plain