https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27812
Kyle M Hall <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #118797|0 |1 is obsolete| | Attachment #119176|0 |1 is obsolete| | --- Comment #22 from Kyle M Hall <[email protected]> --- Created attachment 131166 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=131166&action=edit Bug 27812: Remove the ability to transmit a patron's plain text password over email We should not give libraries the ability to compromise patron accounts, it is considered a huge security issue and nobody in network security would ever recommend allowing passwords to be transmitted in clear text over email. It should simply not be possible to send a patron's password in plain text via email. As such, we should remove this ability from Koha. Test Plan: 1) Apply this patch 2) Create a patron to generate the ACCTDETAILS email 3) Note you can no longer transmit the patron's password in the email Signed-off-by: Amit Gupta <[email protected]> Signed-off-by: Martin Renvoize <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
