[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[glob2-devel] (insecure) where it is insecure
From: |
Leo Wandersleb |
Subject: |
[glob2-devel] (insecure) where it is insecure |
Date: |
Sat, 18 Oct 2008 17:02:37 +0200 |
User-agent: |
Mozilla-Thunderbird 2.0.0.16 (X11/20080724) |
hi
http://hg.globulation2.org/glob2/rev/4e08a4cd40ab
has these modifications:
> --- a/data/texts.en.txt Sun Aug 24 18:13:32 2008 -0400
> +++ b/data/texts.en.txt Thu Oct 16 02:57:56 2008 -0400
> @@ -681,11 +681,11 @@ ready?
> [refresh map list]
> Refresh Map List
> [Register a new YOG user with password]
> -Register a new YOG user with a password. (insecure)
> +Register a new YOG user with a password.
> [remember unit]
> Remember Unit
> [Remember YOG password localy]
> -Remember the password locally. (insecure)
> +Remember the password locally.
> [remove map]
> Remove Map
> [remove shortcut]
while the first modification might be correct due to path protected (ssl, ...)
transmission of the pw (i don't know of) and the new hashing in the db, i'm
pretty sure the second is as insecure as always.
> address@hidden:~$ cat /home/leo/.glob2/preferences.txt | grep password
> password=my_password
else i'm happy to see bugfixes/progress for the first time in weeks :)
greetings,
leo wandersleb
--
Wer mir seinen Brief im verschlossenen Kuvert schicken möchte, kann das mit
diesem Schlüssel tun:
http://wiki.leowandersleb.de/index.php/Public_Key
- [glob2-devel] (insecure) where it is insecure,
Leo Wandersleb <=