Date: Fri, 8 Mar 2002 16:10:52 +0100 From: Ernst de Haan <znerd@FreeBSD.ORG> To: "Koster, K.J." <K.J.Koster@kpn.com>, Mike Harding <mvh@ix.netcom.com> Cc: java@FreeBSD.ORG Subject: Re: Updated www/orion --> 1.5.2_7 Message-ID: <200203081510.g28FArd09800@zaphod.euronet.nl> In-Reply-To: <59063B5B4D98D311BC0D0001FA7E452205FDA448@l04.research.kpn.com> References: <59063B5B4D98D311BC0D0001FA7E452205FDA448@l04.research.kpn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Kees Jan and Mike,
> Using default passwords is simply a bad idea. Remember the slashdot test
> site hack from a while back? Oracle anyone? (Was it Oracle? I'm not sure,
> big database vendor).
Okay. Got the point. You're right.
> Please leave the admin account as it is in Orionserver's distribution kit.
> When people need the admin account, they can enable it and set a password
> for their purpose (and it's their own stupid fault if they use "123"). If
> they don't need it, they won't unknowingly have accounts enabled that other
> people know the password for.
Okay, what if I let the port ask for the admin password if the port is run
from the commandline, while I will disable the admin account if the port is
run in a batch ?
Ernst
--
Ernst de Haan
EuroNet Internet B.V.
"Come to me all who are weary and burdened
and I will give you rest" -- Jesus Christ
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-java" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203081510.g28FArd09800>