[Seaside-dev] Initialize /seaside/config with random password?
Philippe Marschall
philippe.marschall at gmail.com
Mon Sep 22 04:43:02 UTC 2008
Hi
I wanted to open this for discussion:
Right now the configuration application has no password. One of the
reasons for this is that we want the code to load without user
interaction. This troubles we because even today there are publicly
accessible Seaside applications online that have default username and
password.
A possible solution for this would be to set the password to a random
one during loading. Then the user would have to use WAAdmin to set the
password to something he knows. AFAIK several other web frameworks use
this approach.
Cheers
Philippe
More information about the seaside-dev
mailing list