[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3

Xavier Perseguers typo3 at perseguers.ch
Mon Oct 6 11:29:34 CEST 2008


Hi!

>> then this is not our problem if he acts this irresponsibly, after all 
>> we can't cover all cases (especially not the user created stupid ones).
> 
> It is not about acting irresponsibly. Lots of problems exists on Windows 
> platform that allow to create such files remotely through exploits. 
> Administrator can be completely unaware of it.
> 
> This was the case for "Admin" (AKA "Nimda") virus several years ago. 
> Even NTFS permissions did not always help. You remove the virus and it 
> appears again within seconds. It is just impossible to fight it.
> 
> Therefore I think such check is good. It costs nothing (comparing 
> constant to a constant string) but provides better security.

I agree 100% with you.

-- 
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html


More information about the TYPO3-team-core mailing list