[ic] [interchange] * Interchange has long been distributing the dump page. This is

Stefan Hornburg (Racke) racke at linuxia.de
Tue Mar 25 08:15:00 UTC 2014

On 03/25/2014 01:23 AM, Jon Jensen wrote:
> Mike,
> I agree that it's probably unwise to leave the dump page there in default installations.
> However, requiring the SQL database password by default seems like an unwise enticement for people to send an important piece of information over the wire -- and you know many will do it over http, not https. So to me this feels like it will actually make security worse.
> Why don't we just remove the dump.html page entirely? We can leave a copy in the eg/ directory and suggest people name it something obscure and hardcode their own trivial password in it. But not having it in default installs at all seems like a good move.
> What does everyone else think?

Let's get rid of it. The same information can be found in the admin, right?


LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

More information about the interchange-users mailing list