search

AlyceBrady / ramp

Record and Activity Management Program (temporarily combined with SMART: Software for Managing Academic Records and Transcripts)
BSD 2-Clause "Simplified" License
3 stars 11 forks source link

Encrypted passwords should not be visible via RAMP #52

Closed AlyceBrady closed 10 years ago

AlyceBrady commented 10 years ago

Ramp is currently checking that a user (e.g., DBA) cannot add or modify passwords via normal table actions, but it is allowing authorized users to view the encrypted passwords. For security reasons, it would probably be better to stop that.