[ic] open login warning (?)

Jason Korkin jason@korksoft.com
Wed, 21 Mar 2001 13:39:53 -0500

Yep - you're right on that one... I just tried it on several of our
catalogs and it worked and logged us in immediately.  This is on IC

Jason Korkin.
Korksoft LLC

Jud Harris wrote:
> Hey folks,
> I'm not sure if this is a universal problem, but I just noticed that my access
> table from the default construct store contains a username ":backup" with no
> password.  I believe it is a group definition.  It allows logins without a
> password and possesses nearly full permissions.
> I'm asterisk-ing out the password field to prevent logins.
> Note that this login doesn't show up in the Access interface under the
> Administration section because it's supposedly a group definition.
> So.. try to login to the admin page as :backup (yes, with the colon) - and no
> password.  If you get it in, better fix it.  But alas, it might just have crept
> into my catalog.
> Just FYI,
> -Jud
> _______________________________________________
> Interchange-users mailing list
> Interchange-users@lists.akopia.com
> http://lists.akopia.com/mailman/listinfo/interchange-users

KORKSOFT - Software & Internet Solutions
System Integration, E-Commerce, C++/Perl/PHP/ASP
Web hosting, Server Co-Location, Dedicated Circuits
Tel: (603) 672-1246 x 201