| Posted By: tidus on August 5, 2014, 11:07 am | Post: 1 |
|
Hi,
Quote 1. During installation, the MySQL password field is in plain text. Recommend using a password masking field for those "over-the-shoulder lookers". Okay, we will add it. Quote 2. MySQL root password is stored unencrypted. Even though it is for testing purposes, anyone with access can gain root MySQL access. Recommend hashing the password.
3. Related to / affected by #2, there isn't a way to modify the MySQL root password in the settings except for the file. If implementing a password hash, recommend also adding a setting in the Softaculous control panel to allow password update if the user changes the root password. Okay, we can provide an easy command line utility for the same. Quote 4. Installations which require PHP below 5.3 are shown as an available option to users with PHP 5.3+. Recommend hiding installs which require specific PHP versions. We will have to discuss about this. Edited by tidus : August 5, 2014, 12:26 pm ----------------------- Follow AMPPS on, Twitter : https://twitter.com/AMPPS_Stack Facebook : http://www.facebook.com/softaculousampps Google+ : https://plus.google.com/+AmppsStack |