[TYPO3-v4] Enabling saltedpasswords and rsaauth by default
Xavier Perseguers
xavier at typo3.org
Sat Jul 23 16:56:17 CEST 2011
Hi Helmut,
> Do you think that enabling rsaauth/ saltedpasswords in an upgrade wizard
> is a bad idea? If so, why?
Well, I'd say you never know which extension is already installed and
which part of it may do fancy stuff with direct database access and
modification. You have a (slightly) risk to break an install if you
activate it.
Of course, this would be better from a security point of view...
Cheers
--
Xavier Perseguers
Release Manager TYPO3 4.6
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
More information about the TYPO3-project-v4
mailing list