[TYPO3-dev] Thoughts about security in BE
Andreas Otto
andreas at otto-hanika.de
Tue Jan 22 09:58:15 CET 2008
Hello Marcus,
> My intention is to get a DEFAULT installation of TYPO3 as secure as
> possible. Any optional and currently provided measures could just be
> omitted when a admin gets his installation running.
>
>
> - require old/current password for password changes
> - implementing authentication meachnism for phpmyadmin
> - implementing authentication mechanism for EM
>
> are quite simple but effective steps to get a default TYPO3 installation
> more secure
Feel free to provide a patch and send this alongside with an RFC and an
entry in the bug tracker to the core list [1].
[1]<http://typo3.org/teams/core/core-mailinglist-rules/>
Cheers,
Andreas
--
Amazon wishlist: <http://www.amazon.de/gp/registry/14PIOKAJCIH95>
More information about the TYPO3-dev
mailing list