| Summary | Login tricks |
| Queue | IMP |
| Queue Version | RELENG_3 |
| Type | Bug |
| State | Not A Bug |
| Priority | 2. Medium |
| Owners | |
| Requester | aromanov (at) eerc (dot) kiev (dot) ua |
| Created | 09/09/2004 (7644 days ago) |
| Due | |
| Updated | 09/09/2004 (7644 days ago) |
| Assigned | |
| Resolved | 09/09/2004 (7644 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
State ⇒ Not A Bug
browser, which shares cookies, and not logging out - either that, or
you have the session id embedded in your "saved source" - so of course
you see the accounts without auth.
Second, this is just way unsupported (and unsecure) behavior on your part.
State ⇒ Unconfirmed
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ Login tricks
Queue ⇒ IMP
To simplify login procedure I saved the login page, inserted my login
and password data into html source. Now I need just to click the
button without typing it every time. When I tried to use the same
modified login page for another account simply copying the file and
changing the login and password data the strange thing occurred. Both
accounts, then activated from the copied login pages, can have access
to each other's mail. Probably this is due to the same identifier
assigned to 'Horde2' input value that is used in both files. Although
this is not a critical error, it potentially might be used for
unauthorized access.
Thank you for consideration.
Alexander Romanov