0003137: 2 installations on same host..

ID	Project	Category	View Status	Date Submitted	Last Update
0003137	mantisbt	security	public	2003-04-17 11:47	2004-02-06 16:15

Reporter	polarfox	Assigned To	jlatour
Priority	normal	Severity	block	Reproducibility	sometimes
Status	closed	Resolution	fixed

Summary	0003137: 2 installations on same host..
Description	you can do your own mantis, login at administrator account. then change to other mantis on same host. magic you are a administrator there too.
Tags	No tags attached.

jlatour 2003-04-17 11:55 reporter ~0004200	I believe this is because the default administrator has a default cookie value. That is why we recommend removing that account, but we should probably regenerate that cookie hash. You should probably tweak your cookie path settings though.

grangeway 2003-08-07 16:48 reporter ~0004506	would the changes I added to 0003266 by sufficient to solve this?

grangeway 2003-08-15 09:57 reporter ~0004528	note: those changes are only a partial solution - i.e. it generates a unique hash, however there's still the possibility that two databases could generate the same unique cookie hash...

jlatour 2004-01-25 18:02 reporter ~0004924	Fixed in CVS, will be in 0.18.1.