Re: Users - Security
Posted by David E. Jones on Feb 15, 2006; 6:42pm
URL: http://ofbiz.116.s1.nabble.com/Users-Security-tp137421p137430.html
Yes, details please. On the public list isn't a problem, the more
people who know about them the more likely they will be fixed...
As for the passwords: this is yet another area where the Basic
Production Setup Guide can be helpful.
As for pulling "your" site: if you are using an old version and not
maintaining it yourself or working with others to resolve issues you
find in it (like with Sequoia/OpEnTaps), and you're not keeping up
with the latest changes and bug fixes, then pulling the site and
moving to something that you will maintain is nothing short of an
_excellent_ way to go.
-David
On Feb 15, 2006, at 11:32 AM, Andrew Dupa wrote:
> How secure is Ofbiz?
>
> Am I the only one concerned about the security holes? I would
> happily detail those that i found but not publically on the list
> for those poor soles still using it. I'm pulling my site
> immediately and moving to another platform.
>
> Oh and by the way if you're using a production site make sure you
> change all the admin, demoadmin passwords you wouldn't belive how
> many I found that didn't on your end users list.
>
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
URL: http://ofbiz.116.s1.nabble.com/Users-Security-tp137421p137430.html
Yes, details please. On the public list isn't a problem, the more
people who know about them the more likely they will be fixed...
As for the passwords: this is yet another area where the Basic
Production Setup Guide can be helpful.
As for pulling "your" site: if you are using an old version and not
maintaining it yourself or working with others to resolve issues you
find in it (like with Sequoia/OpEnTaps), and you're not keeping up
with the latest changes and bug fixes, then pulling the site and
moving to something that you will maintain is nothing short of an
_excellent_ way to go.
-David
On Feb 15, 2006, at 11:32 AM, Andrew Dupa wrote:
> How secure is Ofbiz?
>
> Am I the only one concerned about the security holes? I would
> happily detail those that i found but not publically on the list
> for those poor soles still using it. I'm pulling my site
> immediately and moving to another platform.
>
> Oh and by the way if you're using a production site make sure you
> change all the admin, demoadmin passwords you wouldn't belive how
> many I found that didn't on your end users list.
>
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
smime.p7s (3K) | Free forum by Nabble | Edit this page |