Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0010470 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] 00. Application dictionary | critical | always | 2009-09-03 10:17 | 2009-09-05 00:00 | |||
| Reporter | networkb | View Status | public | |||||
| Assigned To | iciordia | |||||||
| Priority | immediate | Resolution | no change required | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | 2.50MP4 | SCM revision | ||||||
| Review Assigned To | ||||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0010470: The user System of the application should be removed | |||||||
| Description | The user System of the application should be removed. All the applications have a user System with password System that is not known for many Partners and clients, so generally this user is not removed when starting a project, so if some one knows that this users exists, it is possible to access to the application as system administrator. The Openbravo user is correct because is known and the partners used to change the password of this user. | |||||||
| Steps To Reproduce | -Login with user System and password System | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0019469) iciordia (manager) 2009-09-04 11:46 |
This is not a bug. The configuration manual (http://wiki.openbravo.com/wiki/ERP/2.50/Configuration_Manual/Getting_started#Change_default_passwords [^]) explains that defaults passwords should be modified as a first step in the process. Additionaly, recently we did another fix (bug 10447) so user System is created by default without privilege to log in. Ismael |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-09-03 10:17 | networkb | New Issue | |
| 2009-09-03 10:17 | networkb | Assigned To | => rafaroda |
| 2009-09-04 11:43 | iciordia | Assigned To | rafaroda => iciordia |
| 2009-09-04 11:46 | iciordia | Status | new => closed |
| 2009-09-04 11:46 | iciordia | Note Added: 0019469 | |
| 2009-09-04 11:46 | iciordia | Resolution | open => no change required |
| 2009-09-04 12:00 | rafaroda | Relationship added | related to 0010447 |
| 2009-09-04 19:12 | dmitry_mezentsev | Relationship added | blocks 0010399 |
| 2009-09-05 00:00 | anonymous | sf_bug_id | 0 => 2851895 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |