After examining an issue brought up on the list, I've come to the conclusion it would be best to tighten up BoltWire's login system a bit.
There is a security vulnerability based on BoltWire's ability to store passwords as either plaintext or encrypted. There is no easy way to exploit it at this point, because of other safeguards in place, but our best bet is to have each level as secure as possible. Fortunately, the fix is easy, and elegant. But it could affect some sites. Specifically if you have some members with encrypted passwords and some without, one group or the other will be excluded. And there's no easy way to solve this other than to upgrade all passwords to one or the other format... Could be a challenging problem... Anyway, I'm just curious how many people this might affect? It should only affect you if you have at some point used the loginfmt = plaintext option in your register form, and then, only for some of your login accounts, not all... The other thing I'm wondering, is if we shouldn't change how the encryption key is set. Right now, it's a value defined in site.config, but that almost invites people to change it, when it should never be changed once a site is rolling. A better solution might be to set it as a value in index.php, and tell people never to touch it only once at their initial installation. Another option is not make this change until we get to 4.xx. I think I'm pretty much done with 3.xx, so we could build this into the change for 4.xx. It is the right fix, but it could be a massive problem for a small number of users. Hopefully none... Feedback on how to proceed is appreciated... Cheers, Dan -- You received this message because you are subscribed to the Google Groups "BoltWire" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/boltwire?hl=en.
