[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: auth-source change default spec
From: |
Richard Riley |
Subject: |
Re: auth-source change default spec |
Date: |
Mon, 30 Apr 2012 14:51:24 +0200 |
User-agent: |
Gnus/5.130004 (Ma Gnus v0.4) Emacs/24.0.93 (gnu/linux) |
Ted Zlatanov <address@hidden> writes:
> On Sat, 28 Apr 2012 10:45:37 +1000 Tim Cross <address@hidden> wrote:
>
> TC> I've recently run into a minor problem with the auth-source library
> TC> which I think is due to the default SPEC for auth-sources. I wanted
> TC> some feedbak before logging a bug request and also wanted to make this
> TC> possible issue visible asap given the need to get defaults sorted for
> TC> the next release.
>
> TC> The current default sorces spec (taken from recent emacs bzr sources) is
>
> TC> ("~/.authinfo" "~/.authinfo.gpg" "~/.netrc")
>
> TC> I think it should be changed to have .authinfo.gpg first in the
> TC> list.
>
> Could you please read through Emacs bug #9113? It deals with this issue
> at length.
>
> http://comments.gmane.org/gmane.emacs.bugs/49377
>
> I had the .gpg file first originally and would still like it to be
> first, but the objections are quite reasonable.
>
> TC> The reason is that if you already have a .authinfo.gpg file and then
> TC> attempt to access a resource for which you don't yet have credentials
> TC> and the search criteria specifies the :create option, because
> TC> .authinfo is first, it will attempt to save the credentials in the
> TC> .authinfo file and not .authinfo.gpg. If you have things configured to
> TC> ask if you want to save (the default) it will ask if you want to save
> TC> to .authinfo even when it is aware you have a .authinfo.gpg file. It
> TC> does not appear to give you an option to change this. If you just
> TC> accept the defaults and you do use .authinfo.gpg, things will break
> TC> when you add new credentials because it will create a .authinfo
> TC> file.
>
> I don't think anything is broken. auth-source is simply respecting
> `auth-sources' as it's supposed to. Preferring the second source
> because of some attribute (e.g. "it has the .gpg extension") is much
> worse in terms of usability.
I would strongly disagree. I would expect it should default to the most
secure. And allow fall through on the search. Should you really want,
for some really obscure reason, to prefer a plain text file for secure
passwords over the .gpg then some sort of override could be
implemented. I know I'd be pretty miffed if I saved passwords thinking
they were going into .gpg only to have them read out to me at a later
date by someone who got hold of the plaintext file.