[interchange-cvs] CVS notice: activity by jon

interchange-cvs@lists.akopia.com interchange-cvs@lists.akopia.com
Thu Jun 28 18:07:00 2001


CVS activity by user 'jon':
interchange/dist/lib/UI/pages/admin user_change_pass.html,1.7.4.2,1.7.4.3
Update of /var/cvs/interchange/dist/lib/UI/pages/admin
In directory interchange.redhat.com:/tmp/cvs-serv17422/dist/lib/UI/pages/admin

Modified Files:
      Tag: DEV_4_7_0
	user_change_pass.html 
Log Message:
Rework password changing to always use UserDB functions instead of directly
writing to database.

When creating UserDB object, use Vend::username instead of session{username}
for better security.

Allow Vend::superuser to change passwords of any user.

Use UserDBPasswordMinLength directive (default is 4 characters).

Log attempts by anyone other than Vend::superuser or access::super == 1
to change another user's password (e.g. by munging form variable mv_username).