Hello Everyone;
I was just playing around with the database browser portlet (which
comes standard with jetspeed) and couldn't help but notice that any user
could edit the query (when customizing the portlet). In turn, the user
can change the query to 'select * from turbine_user' and get a list of
username's and passwords for the system. Other then removing the
portlet from the system, is there any other way I could change this so
that the users wouldn't be able to see this information?
Thanks
Rob
:wq
