This release, just out, fixes a glitch recently introduced in the data action. And it tightens security on writing data values--so that only those fields a user can read (aka site.auth.data) can be written. There are no known security holes using default settings, but an admin could unintentionally open up a hole. Therefore, I'd upgrade, or at the very least keep your data action restricted to admins.
Cheers, Dan P.S. I also just released a solutions page for a simple password changer script. http://www.boltwire.com/index.php?p=solutions.community.passwords. It requires the latest version of the crypt plugin, also released today. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "BoltWire" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/boltwire?hl=en -~----------~----~----~----~------~----~------~--~---
