[Wine] Thoughts regarding the database compromise....
jjmckenzie51 at gmail.com
Sun Oct 16 17:46:33 CDT 2011
On 10/16/11 7:09 AM, dimesio wrote:
> oiaohm wrote:
>> There is a reason why wine never in the first place went for a single sign on solution.
> I was under the impression that the "reason" was simply because the different parts of the site evolved separately. I also suspect that many, possibly most, users used the same email address and password on all parts of the site anyway, so the "security" of forcing people to create separate accounts is illusory.
The move to a single sign-on was discussed at length both on and
off-line. It was decided NOT to implement such a feature because if
your Forum logon, for instance, was cracked, so was your Bugzilla and
Applications Database. Some of the older users found that
unacceptable. As a Information Security Specialist, I found that
unacceptable as well. We require, in my workplace, separate logins for
each system a user accesses, specifically to address that case.
More information about the wine-users