Re: [Postfixadmin-devel] config.local.php not being read.
Brought to you by:
christian_boltz,
gingerdog
From: David G. <da...@co...> - 2009-04-13 21:30:00
|
tan...@li... wrote : > On 4/13/2009 4:49 PM, David Goodwin wrote: > >>> Final note: If we want to use md5 for the setup password, we should > >>> switch _now_ so that less users are affected. > > >> I thought this would be optional... ? You're saying everyone would be > >> FORCED to do so? > > > Yes. The setup_password is a mandatory step now. Failing to do it > > leaves a big security hole open when ever a user upgrades (especially > > if it's automatic via e.g. apt) > > Oh... wait... is this just for the admin password? Or for all email > account passwords? The passowrd which allows you to run the setup.php page (and create new admin users) David. -- David Goodwin [ david at codepoets dot co dot uk ] [ http://www.codepoets.co.uk ] |