Don't allow inactive accounts to authenticate using basic auth

Mike McGrath mmcgrath at redhat.com
Sun Mar 22 01:59:17 UTC 2009


On Sat, 21 Mar 2009, Ricky Zhou wrote:

> On 2009-03-21 08:59:24 PM, Jon Stanley wrote:
> > Inactive accounts could authenticate to sites using mod_auth_pgsql.
> >
> > Pretty sure all of these apps are not under freeze, but rather be safe. Some +1's?
> We tested this out on hosted1 with active and inactive accounts, so:
> +1
>

+1

	-Mike




More information about the infrastructure mailing list