[TYPO3-dev] passwords in ext_conf_template.txt
"Kitsunet (Christian Müller)"
christian at kitsunet.de
Wed Apr 25 08:24:58 CEST 2007
Well it wouldn't help anyway. It just obscures the PW, but anyone having
Admin Rights in TYPO could get it anyway. The PW would need to be stored
in cleartext into the Configuration, hash is not possible, and as an
Admin I usually (at last with help of quixplorer or similar) can read
Configuration. So even if the PW was obscured by a PW field any Admin
could find it out if he wants to...
Christian
Søren Schaffstein wrote:
> Hello Tapio,
>
>>
>>> If not, are there any intentions to work on such a feature, since
>>> this seems to be nice when storing sensitive information for an
>>> extension...
>>>
>> Define possibility to use TS config for users/user groups
>>
> thanks for your reply!
>
> In my case this doesn't seem to help. The extension connects to an
> external db and synchronises the fe_users table with this external db.
> Username, password, etc. for the external db has to be entered once and
> is independent of be user. Since only admins can see the Extension
> Manager the missing passwort field is not too dangerous, but it would be
> nice if it were there...
>
> Søren
>
More information about the TYPO3-dev
mailing list