Don't allow inactive accounts to authenticate using basic auth
Mike McGrath
mmcgrath at redhat.com
Sun Mar 22 01:59:17 UTC 2009
On Sat, 21 Mar 2009, Ricky Zhou wrote:
> On 2009-03-21 08:59:24 PM, Jon Stanley wrote:
> > Inactive accounts could authenticate to sites using mod_auth_pgsql.
> >
> > Pretty sure all of these apps are not under freeze, but rather be safe. Some +1's?
> We tested this out on hosted1 with active and inactive accounts, so:
> +1
>
+1
-Mike
More information about the infrastructure
mailing list