zwicky pages (so far)
Boud Roukema
boud w astro.uni.torun.pl
Śro, 13 Lis 2002, 17:45:23 CET
Hi Bartek,
I think what you are saying is that the password used to
modify a zwicky page could be read while it's passing through
the net, and so other people could then use the password.
Here's my response if I've understood you correctly:
(1) the authorisation is handled by the server zope - we have "encrypt
user passwords" enabled, so i think the passwords are... encrypted -
if zope works as it says it does.
(2) Even if someone *did* get the password, s/he would only be able to
change the same pages that everyone else can change, inside of the zwicky
folder. This is why later on we can consider having some pages modifiable
by *everyone*.
(3) The zope/zwicky login is *not* your adjani login. Your adjani
password will certainly fail on zwicky. Tomek or I need to make you a
login + allow access from your internet service provider (at the
moment we're being ultra-paranoid and only local machines are
authorised).
On Wed, 6 Nov 2002, Bartosz Lew wrote:
> hi all
> if it comesabout those wiki pages thtcan be modifien online I don;t think
> it's very secure since an authorisation goes over an external net (I
> watche the pages from my hause - and didn't log on deliberately)
> unencrypted.
> If one enters adjani hes free to explore further.
> maeybe that should be a seure page.
Więcej informacji o liście Shape-univ