Re: Users - Security
Posted by
Andrew Dupa on
Feb 15, 2006; 6:53pm
URL: http://ofbiz.116.s1.nabble.com/Users-Security-tp137421p137431.html
Ho hum....here we go again....we've been thru this before!!
The reality of what your sugesting is laughable. Easy for you to say but in reality very different story. You have no idea about QA, release management or production environments upgrades. If you had any real world experience with product software development you'd provide an upgrade path and releases -
Talk to me when you get a real job and learn about real world software development process. I can teach you.
You just sound like another developer form the consultant world who's been stuck in code and fix mode with no responsibility. I interview your type every day and stamp your file with no hire all the time....
Yeah I should be dealing with Sequoia. I'm in the wrong place. I'll write a test that reproduces the steps and submit it to them. In the mean time I'll go back to the real world.
On 2/15/06, David E. Jones <[hidden email]> wrote:
Yes, details please. On the public list isn't a problem, the more
people who know about them the more likely they will be fixed...
As for the passwords: this is yet another area where the Basic
Production Setup Guide can be helpful.
As for pulling "your" site: if you are using an old version and not
maintaining it yourself or working with others to resolve issues you
find in it (like with Sequoia/OpEnTaps), and you're not keeping up
with the latest changes and bug fixes, then pulling the site and
moving to something that you will maintain is nothing short of an
_excellent_ way to go.
-David
On Feb 15, 2006, at 11:32 AM, Andrew Dupa wrote:
> How secure is Ofbiz?
>
> Am I the only one concerned about the security holes? I would
> happily detail those that i found but not publically on the list
> for those poor soles still using it. I'm pulling my site
> immediately and moving to another platform.
>
> Oh and by the way if you're using a production site make sure you
> change all the admin, demoadmin passwords you wouldn't belive how
> many I found that didn't on your end users list.
>
>
>
> _______________________________________________
> Users mailing list
>
[hidden email]>
http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users