A BOPINC account manager is specifically for cross site account management. There are 2 of them so far, BOINC Stats BAM and Grid Republic. Why do you believe you need to implement this code?
JM7 -----Original Message----- From: boinc_dev [mailto:[email protected]] On Behalf Of Brian Sent: Thursday, March 16, 2017 1:07 PM To: [email protected] Subject: [boinc_dev] BOINC Account Manager & Password Keys Hi, I am working on a research pool for Gridcoin. Part of this development involves an account management piece to the site. During the development of the account manager, I noticed when BOINC client makes an account manager request to my server, it passes all projects that are attached to it into the account manager regardless of what attached it. This data includes the password keys to the projects which are not currently attached to my account manager. It appears I could take these account keys to gain access to individuals accounts for those projects. Just mostly an observation, not sure if this has been discussed or not... Thanks for your time, Brian Burkhardt... _______________________________________________ boinc_dev mailing list [email protected] https://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address. _______________________________________________ boinc_dev mailing list [email protected] https://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
