[imp] Password disclosure

Lars Hecking lhecking@nmrc.ucc.ie
Fri, 23 Nov 2001 14:15:42 +0000

Previous message: [imp] Password disclosure
Next message: Probleme IMP-4.0 folders.php
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> No, this is our issue. People asked so many times to make the login 
> credentials available to all Horde apps, that we put it in the session 
> data. Unfortunately no one had the time so far to store it encrypted.
 
 Can you please provide a patch that leaves out this information
 until it is fixed properly?

 One doesn't store cleartext passwords. Never ever.

> But that will hopefully be fixed before the release.

Previous message: [imp] Password disclosure
Next message: Probleme IMP-4.0 folders.php
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]