[ic] open login warning (?)
Jason Korkin
jason@korksoft.com
Wed, 21 Mar 2001 13:39:53 -0500
Yep - you're right on that one... I just tried it on several of our
catalogs and it worked and logged us in immediately. This is on IC
4.6.0.
Jason Korkin.
President/Owner
Korksoft LLC
Jud Harris wrote:
>
> Hey folks,
>
> I'm not sure if this is a universal problem, but I just noticed that my access
> table from the default construct store contains a username ":backup" with no
> password. I believe it is a group definition. It allows logins without a
> password and possesses nearly full permissions.
> I'm asterisk-ing out the password field to prevent logins.
>
> Note that this login doesn't show up in the Access interface under the
> Administration section because it's supposedly a group definition.
>
> So.. try to login to the admin page as :backup (yes, with the colon) - and no
> password. If you get it in, better fix it. But alas, it might just have crept
> into my catalog.
>
> Just FYI,
> -Jud
>
> _______________________________________________
> Interchange-users mailing list
> Interchange-users@lists.akopia.com
> http://lists.akopia.com/mailman/listinfo/interchange-users
--
KORKSOFT - Software & Internet Solutions
System Integration, E-Commerce, C++/Perl/PHP/ASP
Web hosting, Server Co-Location, Dedicated Circuits
http://www.korksoft.com
http://www.atworkservers.com
Tel: (603) 672-1246 x 201