[imp] Passwd Module: Security vulnerability ???
Ashwin Kotian
ashwin at comstocksys.com
Tue Jul 15 18:21:42 PDT 2003
Hi AJ,
What does this parameter do ? And I anyway did try as you suggested, but I'm
still able to see the username displayed & change it to another username &
also change the password (since I know the other username's original
password).
Is there a way to totally disable the Username display so that even if I
know the original password I (as a normal user)cannot change the password
using this module while logged in from another regular account ?
Thanks,
Ashwin.
----- Original Message -----
From: "AJ" <aj at mindcrash.com>
To: <imp at lists.horde.org>
Sent: Tuesday, July 15, 2003 5:59 PM
Subject: Re: [imp] Passwd Module: Security vulnerability ???
> Sorry, this should be placed in passwd/config/conf.php
>
>
> At 08:58 PM 7/15/2003 -0400, AJ wrote:
> >Place this in config/conf.php
> >$conf['user']['change'] = false;
>
>
> --
> IMP mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
More information about the imp
mailing list