Re: Users - Security
Posted by
Andrew Dupa on
Feb 16, 2006; 6:37pm
URL: http://ofbiz.116.s1.nabble.com/Users-Security-tp137421p137426.html
before you kick me off here....I think some of you should be kicked off for the same reasons...your attitude is as bad if not worse than mine.
so let's just recap on the two experiences I had with the 'users' list of ofbiz. remember users, those people you belittle
I asked about a known problem with the JOB SAndbox table and was told that i could delete records form the database. really wow!!! You guys are so smart, can you be more specific please?. I was then told that my clean up wasn't running, please be as vague as you can. I'm only trying to get a production system back up and running here, it's not costing you money i know but someone has to pay in the end. Clowns. People like you get fired from my company
I've read some threads here and all I hear is check out the latest code - wtf - have you lost your mind - do you know how to run a production system?
I tell you that I have worked out how to crack a password on ofbiz, any basic statistics/maths/computer science knowledge will tell you it's not as hard as it should be.
So at the end of the day in my day job I'm about the ship a major product build on open source software that most of you probably use everyday (no it's not built on ofbiz, there's no way unless I regression tested the hell out of it would I put my name on it) Dealing with them is amazong, dealing with you guys is a joke.
So although I may have a big ego and be a bit blunt I think you all need to take a good hard look at yourself and how you treat the end users of the system. How you answer questions If you want your clicky little club then you are not going to attract the kind of developer to work on this that can help you out of your mess and become a major open source player. But then again it's amatuer hour here. I think you'll be gone in 2 years. I'd put money on it.
Good luck
...code and fix code and fix code and fix...code and fix...we're so smart....code and fix....check it in...testing is for losers
On 2/15/06, BJ Freeman <[hidden email]> wrote:
and I thought I had an Ego. LOL
Andrew Dupa sent the following on 2/15/06 10:32 AM:> How secure is Ofbiz?
>
> Am I the only one concerned about the security holes? I would happily detail
> those that i found but not publically on the list for those poor soles still
> using it. I'm pulling my site immediately and moving to another platform.
>
> Oh and by the way if you're using a production site make sure you change all
> the admin, demoadmin passwords you wouldn't belive how many I found that
> didn't on your end users list.
>
>
>
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> Users mailing list
>
[hidden email]>
http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users