[python-committers] [Infrastructure] [Pydotorg] XSS security issue
Antoine Pitrou
solipsis at pitrou.net
Mon Jul 15 18:02:35 CEST 2013
On 2013-07-15 17:16, R. David Murray wrote:
>
>> I will make the password available to whoever is in charge, (Or they
>> can just change the password themselves I don't care).
>
> I think the user should just be retired. My guess is that it dates
> from
> a time when we were less worried about bad actors coming in and
> trashing
> things just for the fun of it. What I don't know is if there is some
> script somewhere depending on it being a valid user. For now, I've
> removed its access roles, and we'll see if anything breaks.
Isn't it the user for automatic Roundup updates from hg pushes?
Regards
Antoine.
More information about the python-committers
mailing list