[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bug#8069: 23.2.94; auth-source should support ~/.netrc by default
From: |
Ted Zlatanov |
Subject: |
Re: bug#8069: 23.2.94; auth-source should support ~/.netrc by default |
Date: |
Fri, 18 Feb 2011 15:50:07 -0600 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) |
On Thu, 17 Feb 2011 22:14:53 +0000 Reuben Thomas <rrt@sc3d.org> wrote:
RT> Carrot: Default to searching ~/.netrc (unencrypted), ~/.authinfo
RT> (unencrypted), and ~/.authinfo.gpg (encrypted). This means that users
RT> with an unencrypted file or old-name file are not annoyed. By all means
RT> create a symlink from ~/.authinfo to ~/.netrc if the former doesn’t
RT> already exist, and don’t actually search ~/.netrc. (But maybe that would
RT> create potential security problems of its own.)
I want the .gpg file first because I really want to push people towards
encrypting sensitive data. Otherwise that's fine and a trivial change
and I'll make it soon.
RT> Stick: Display a minibuffer warning message when an unencrypted file is
RT> found. Thus, the user is not actually interrupted (which breeds
RT> annoyance), but does receive a gentle reminder that encrypted is better.
RT> (You could display a more urgent message, or interrupt the user, if a
RT> world-readable authorisation file is found.)
I don't think auth-source.el should undertake that kind of monitoring.
It's annoying and, when incorrect, *very* annoying.
RT> Note that this suggestion does not affect users who have already
RT> migrated to ~/.authinfo{,.gpg}.
It will do an extra fopen() every time something can't be found, even
when .netrc doesn't exist, so it definitely affects people. I will add
.netrc because it's sensible but I don't like so many file searches.
Ted
- Re: bug#8069: 23.2.94; auth-source should support ~/.netrc by default,
Ted Zlatanov <=