[vlc-devel] commit: ftp: let the user see the password in the conf ( was a bad idea to hide it). ( Rémi Duraffort )
Dominique Leuenberger
dominique at leuenberger.net
Thu Sep 3 14:15:14 CEST 2009
Quoting Rémi Denis-Courmont <remi at remlab.net>:
>
> On Thu, 03 Sep 2009 12:33:43 +0300, "Dominique Leuenberger a.k.a DimStar"
> <dimstar at opensuse.org> wrote:
>> Quoting git version control <git at videolan.org>:
>>
>>> vlc | branch: master | Rémi Duraffort <ivoire at videolan.org> | Thu
>>> Sep 3 11:23:20 2009 +0200|
>>> [6661f221c5c60dcc48170af4148fc229d61bb702] | committer: Rémi Duraffort
>>>
>>> ftp: let the user see the password in the conf (was a bad idea to hide
>> it).
>>
>> Why would hiding the password be a bad idea? I would actually hate
>> entering a password in a dialog that is visible.
>
> Unfortunately, FTP is a special case where the password has been hijacked
> into an email address for anonymous.
Yes, but nevertheless almost no server enforces this. A standard MSIE
setup sends IEUSER@ as password for anonymous passwords and yet this
all works.
I think I have crossed about 2 - 3 times a server that actually try to
do some verification on the mail address (I've seen them verifying the
MX records for example). But that's one in thousands!
But well, why trying to 'show' security when using FTP anyhow :) I can
perfectly live with it. No worries. Thanks for all!
Dominique
More information about the vlc-devel
mailing list