Am 15.09.10 12:24, schrieb Cédric Krier: > Hi, > > One of biggest security issue in default trytond installation is the > admin_password that is in clear text in trytond.conf. > > This is a legacy from OpenERP to allow newbie users to setup a database from > the client easily. > > I propose to change the cleared hardcoded password with a validation of the > password of the user running trytond. > > What do you think? > what about a hashed password in config? I don't think that a system user should have a password at all.
-- [email protected] mailing list
