Admin user should be customizable during installation
Reported by semias | March 25th, 2011 @ 07:20 AM | in 5.0.4 (closed)
Right now sitellite creates the "admin" user by default and only asks for an admin password during installation.
This is a huge security issue, because possible hackers can
easily retrieve the admin credentials through sql injection or
other means of hijacking.
If users create their own custom "superuser" account the risk of
this happening is much much smaller.
Therefore, users also have to enter a custom administrator username while installing the sitellite cms.
Comments and changes to this ticket
-
semias March 25th, 2011 @ 07:21 AM
- State changed from “new” to “open”
-
semias March 25th, 2011 @ 07:34 AM
- State changed from “open” to “resolved”
Added this feature by simply adding another input in the form and storing the input in the database, instead of a hardcoded "admin" user.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
The Sitellite web content management system.
semias