> Woohoo! I've been wanting to see this for a while.
> Will v5 also allow
> access to the password page (or the admin page) from the external
> interface, if SSL is enabled?
This would still open up the servers to brute force attacks from the
Internet. If it is going to be able to be "enabled" on the public side as a
feature, I would hope for it to be shipped as "disabled" by default.
Since everyone knows the login is admin, it would be exponentially easier to
attack just the password.
Justin.
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
