[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Any objection to releasing 1.3.27 tomorrow?



>>>>> "Chris" == Chris Travers <..hidden..> writes:
    Chris> 2)  A couple of important extensions to setup.pl including:
    Chris> * If no db is entered in the credentials screen, a list of
    Chris> db's found 
    Chris> on the server is brought up.

Can this be turned off?
It can invite trolling on a site that might be visible to the Internet.
(and a scan of port 443 would be the first thing I'd do if I got into
an Intranet with malicious intent)

I also wouldn't mind if the default company could be stored in a
long-term cookie, and if whatever is causing my browser to refuse to
save my password could be optional.  

I'd rather give users really really really strong passwords which their
browser stores (under a browser master password), than force them to
type and/or copy&paste each time which encourages them to keep a post-it
on their monitor.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] ..hidden.. http://www.sandelman.ottawa.on.ca/ |device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
	               then sign the petition.