[TYPO3-core] RFC: #11368: ENABLE_INSTALL_TOOL file should be ignored if older than one hour
Michael Stucki
michael at typo3.org
Sun Jun 21 18:41:37 CEST 2009
Again, now with proper subject :-)
- michael
Michael Stucki schrieb:
> This is an SVN patch request.
>
> Type: Minor security enhancement
>
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=11368
>
> Branch: TYPO3_4-1, TYPO3_4-2, Trunk
>
> Problem:
> To enable access to the Install Tool, a file
> typo3conf/ENABLE_INSTALL_TOOL must be created.
> In cases of an insecure Install Tool password, it would be helpful if
> that file is automatically removed if it is older than one hour. This
> assures that an admin has explicitely unlocked the Install Tool within
> the last hour.
>
> Solution:
> Remove the file if it is older than 1 hour.
> Additionally, I have slightly adjusted the error message and changed the
> syntax from one huge line to smaller pieces.
>
> - michael
>
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-team-core
mailing list