[TYPO3-core] RFC: #11368: ENABLE_INSTALL_TOOL file should be ignored if older than one hour
Steffen Müller
typo3 at t3node.com
Mon Jun 22 15:12:54 CEST 2009
Hi.
On 22.06.2009 12:11 Marc Wöhlken wrote:
> is about 2e-16. Locking the install tool after 3 unsuccessfull attempts
> will reduce the probability to a number nearly as low as the risk of a
> spontaneous ram error negating the result of our password check and
> causing the acceptance of a wrong password.
>
locking means risk of denial of service.
--
cheers,
Steffen
TYPO3 Blog: http://www.t3node.com/
Blubber on Twitter: http://twitter.com/t3node
More information about the TYPO3-team-core
mailing list