[TYPO3-project-4-3] Making RSA Auth default login method?
Michael Stucki
michael at typo3.org
Wed May 6 11:35:05 CEST 2009
Hi Dmitry,
> Michael Stucki wrote:
>> Settings in $TYPO3_CONF_VARS can easily be changed globally, but
>> any EM configuration or action requires the same steps for every
>> installation.
>
> That's correct but I will feel more secure if my keys do not go to
> the same directory as somebody else keys :) On my servers I even set
> up different PHP session directories for different vhosts.
We use chroot for that. So it can be the same path for all sites.
Anyway, it's probably OT here. I will definitely find a way to override
this configuration setting, probably by hardcoding it.
> Yes, I thought about it. I decided on the extension configuration
> instead. Using TYPO3_CONF_VARS may lower the security a little
> because adding another member of TYPO3_CONF_VARS requires a simple
> editing of localconf.php. Altering extension data in localconf.php is
> harder because it is a serialized array.
I see no additional security in this. Never mind.
>> Thinking about this, I start dreaming of a commandline-interface
>> for the extension manager... :-)
>
> I always dream about t3shell :D Just imagine:
Sounds really great indeed!! :-)
- michael
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-project-4-3
mailing list