[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: don't put passwords in .emacs

From: Alex Schroeder
Subject: Re: don't put passwords in .emacs
Date: Mon, 07 Jan 2002 19:07:40 +0100
User-agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/21.1 (i686-pc-linux-gnu)

address@hidden (Dan Jacobson) writes:

> I hope various emacs packages don't put passwords etc. in the .emacs
> file, as I hope to share it on my webpage and with friends [actually,
> enemies, as it is about as sanitary as this Hong Kong housing project
> http://www.geocities.com/jidanni/images/19890327hk.jpg ]

If you customize sql-password, it will be saved in your .emacs file,
just like every other variable.  Saving a variable customization will
invariably save it in a file.  This is why sql-password's
documentation warns you about it.  Do you think that is enough?  Try
M-x customize-group RET sql RET and look at the "Sql Password" entry
-- it's not obvious.  Do you think it misleading?  (ie. would it be
misleading your mom?)

The alternative would be to make such variables uncustomizable.  Then
you'd have to put the (setq sql-password "tiger") in your .emacs by
hand.  I'm not sure I like that, though.  A SQL crack might have to
work with Emacs and SQL every day, so he wants to store his
(developper) password in a file.  But if the SQL crack is an Emacs
newbie, he will no longer be able to do it.  That's sad.  So there a
choice to be made.  I chose to let 'em save passwords in files.  Try
to convince me otherwise.  :)


sql-password's value is "tiger"

*Default password.

Storing your password in a textfile such as ~/.emacs could be dangerous.
Customizing your password will store it in your ~/.emacs file.

You can customize this variable.

Defined in `sql'.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]