[Tickets #5101] Re: horde disclosure of DB connection string in error message
bugs at bugs.horde.org
bugs at bugs.horde.org
Mon Mar 12 17:55:20 UTC 2007
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=5101
-----------------------------------------------------------------------
Ticket | 5101
Updated By | liamr at deathstar.org
Summary | horde disclosure of DB connection string in error message
Queue | Horde Base
Version | HEAD
Type | Bug
State | Feedback
Priority | 1. Low
Owners |
-----------------------------------------------------------------------
liamr at deathstar.org (2007-03-12 10:55) wrote:
Ok, so the normal users gets a "Details have been logged for the
Administrator", but administrators get the dump of the DB object.
Is this the piece of documentation that suggests this behavior?
docs/INSTALL - section 5a:
a. In the ``Which users should be treated as administrators`` field
enter a
comma separated list of user names of your choosing. This will
control
who is allowed to make configuration changes, see passwords,
potentially
add users, etc.
More information about the bugs
mailing list