[ic] open login warning (?)
Wed, 21 Mar 2001 13:39:53 -0500
Yep - you're right on that one... I just tried it on several of our
catalogs and it worked and logged us in immediately. This is on IC
Jud Harris wrote:
> Hey folks,
> I'm not sure if this is a universal problem, but I just noticed that my access
> table from the default construct store contains a username ":backup" with no
> password. I believe it is a group definition. It allows logins without a
> password and possesses nearly full permissions.
> I'm asterisk-ing out the password field to prevent logins.
> Note that this login doesn't show up in the Access interface under the
> Administration section because it's supposedly a group definition.
> So.. try to login to the admin page as :backup (yes, with the colon) - and no
> password. If you get it in, better fix it. But alas, it might just have crept
> into my catalog.
> Just FYI,
> Interchange-users mailing list
KORKSOFT - Software & Internet Solutions
System Integration, E-Commerce, C++/Perl/PHP/ASP
Web hosting, Server Co-Location, Dedicated Circuits
Tel: (603) 672-1246 x 201