Am 16.12.2010 um 20:58 schrieb Marius Gedminas:
> On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
>> Marius Gedminas wrote:
>>> So, did you know that by default Zope stores a copy of every user's
>>> username and password in your ZODB, in plain text, on every login that
>>> uses for
On 12/17/10 00:55 , Tres Seaver wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 12/16/2010 02:58 PM, Marius Gedminas wrote:
>> On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
>>> Marius Gedminas wrote:
So, did you know that by default Zope stores a copy of every u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:58 PM, Marius Gedminas wrote:
> On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
>> Marius Gedminas wrote:
>>> So, did you know that by default Zope stores a copy of every user's
>>> username and password in your ZODB, in
On Thu, Dec 16, 2010 at 08:39:40PM +0100, Andreas Jung wrote:
> Marius Gedminas wrote:
> > So, did you know that by default Zope stores a copy of every user's
> > username and password in your ZODB, in plain text, on every login that
> > uses forms and sessions (rather than HTTP basic auth)?
>
> B
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marius Gedminas wrote:
> So, did you know that by default Zope stores a copy of every user's
> username and password in your ZODB, in plain text, on every login that
> uses forms and sessions (rather than HTTP basic auth)?
By "Zope" you mean Zope 3, Z
So, did you know that by default Zope stores a copy of every user's
username and password in your ZODB, in plain text, on every login that
uses forms and sessions (rather than HTTP basic auth)?
Look for them in /++etc++site/default/PersistentSessionDataContainer,
inside the numerous SessionCredent