The second one doesn't really have a solution, does it? That's just a security problem on the users side, so that would deal with them having a virus, nothing much can be done there.
(not completely sure, because I haven't done tons of research in this area.)
On Sat, Oct 18, 2008 at 11:02 AM, Leo Wandersleb
<address@hidden> wrote:
hi
http://hg.globulation2.org/glob2/rev/4e08a4cd40ab
has these modifications:
> --- a/data/texts.en.txt Sun Aug 24 18:13:32 2008 -0400
> +++ b/data/texts.en.txt Thu Oct 16 02:57:56 2008 -0400
> @@ -681,11 +681,11 @@ ready?
> [refresh map list]
> Refresh Map List
> [Register a new YOG user with password]
> -Register a new YOG user with a password. (insecure)
> +Register a new YOG user with a password.
> [remember unit]
> Remember Unit
> [Remember YOG password localy]
> -Remember the password locally. (insecure)
> +Remember the password locally.
> [remove map]
> Remove Map
> [remove shortcut]
while the first modification might be correct due to path protected (ssl, ...) transmission of the pw (i don't know of) and the new hashing in the db, i'm pretty sure the second is as insecure as always.
> address@hidden:~$ cat /home/leo/.glob2/preferences.txt | grep password
> password=my_password
else i'm happy to see bugfixes/progress for the first time in weeks :)
greetings,
leo wandersleb
--
Wer mir seinen Brief im verschlossenen Kuvert schicken möchte, kann das mit diesem Schlüssel tun:
http://wiki.leowandersleb.de/index.php/Public_Key
_______________________________________________
glob2-devel mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/glob2-devel