Re: Security flaw: subversion stores passwords by default

From: Vincent Lefevre <vincent+svn_at_vinc17.org>
Date: Fri, 21 Mar 2008 16:10:12 +0100

On 2008-03-20 01:02:35 +0100, Hadmut Danisch wrote:
> Just read that:
>
> " Trust your OS to protect data on disk."
>
> That's nonsense.

Yes, even though the OS can protect data on disk, there are great
applications (run by the user) that can read them and send them
to arbitrary remote servers:

https://bugzilla.mozilla.org/show_bug.cgi?id=230606

AFAIK, this bug is still present in Firefox 2 (all versions).

-- 
Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org

Received on 2008-03-21 16:10:38 CET

This message: [ Message body ]
Next message: Vincent Lefevre: "Re: Security flaw: subversion stores passwords by default"
Previous message: Vincent Lefevre: "Re: diffs for all successive versions of a file?"
In reply to: Hadmut Danisch: "Re: Security flaw: subversion stores passwords by default"
Next in thread: Greg Thomas: "Re: Security flaw: subversion stores passwords by default"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]