[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bug#8069: 23.2.94; auth-source should support ~/.netrc by default

From: Ted Zlatanov
Subject: Re: bug#8069: 23.2.94; auth-source should support ~/.netrc by default
Date: Fri, 18 Feb 2011 15:50:07 -0600
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux)

On Thu, 17 Feb 2011 22:14:53 +0000 Reuben Thomas <address@hidden> wrote: 

RT> Carrot: Default to searching ~/.netrc (unencrypted), ~/.authinfo
RT> (unencrypted), and ~/.authinfo.gpg (encrypted). This means that users
RT> with an unencrypted file or old-name file are not annoyed. By all means
RT> create a symlink from ~/.authinfo to ~/.netrc if the former doesn’t
RT> already exist, and don’t actually search ~/.netrc. (But maybe that would
RT> create potential security problems of its own.)

I want the .gpg file first because I really want to push people towards
encrypting sensitive data.  Otherwise that's fine and a trivial change
and I'll make it soon.

RT> Stick: Display a minibuffer warning message when an unencrypted file is
RT> found. Thus, the user is not actually interrupted (which breeds
RT> annoyance), but does receive a gentle reminder that encrypted is better.

RT> (You could display a more urgent message, or interrupt the user, if a
RT> world-readable authorisation file is found.)

I don't think auth-source.el should undertake that kind of monitoring.
It's annoying and, when incorrect, *very* annoying.

RT> Note that this suggestion does not affect users who have already
RT> migrated to ~/.authinfo{,.gpg}.

It will do an extra fopen() every time something can't be found, even
when .netrc doesn't exist, so it definitely affects people.  I will add
.netrc because it's sensible but I don't like so many file searches.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]