Uploaded image for project: 'Jetspeed (Retired)'
  1. Jetspeed (Retired)
  2. JS1-334

[FIX] DatabaseBrowserTest needs to be constrained to admin use only

Add voteWatch issue
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Resolution: Unresolved
    • 1.4b5-dev / CVS
    • None
    • Portlets
    • None
    • Operating System: Other
      Platform: Other
    • 20565

    Description

      Either that or the customizer needs to be changed to lock down the query
      parameter for admin access only. Otherwise it's a security hole - someone can
      query TURBINE_USER table to see the passwords.

      Or we encrypt passwords by default.

      Attachments

        Activity

          People

            morciuch@apache.org Mark Orciuch
            morciuch@apache.org Mark Orciuch
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:

              Slack

                Issue deployment