Hello, the root page of the Lenya 2.0.3 servlet lets you create new publications without requiring any authentication. Doesn’t this mean that an attacker could cause a denial of service by repeatedly creating publications?
Best wishes, Wolfgang --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org For additional commands, e-mail: user-h...@lenya.apache.org