Andrew Scherpbier (firstname.lastname@example.org)
Sun, 04 Jul 1999 16:20:23 -0700
Darrell Berry wrote:
> the -u option on htdig seems a security hole...as these command line
> options can be exposed by crafty ps options (correct?)...but they dont
> sem settable in the config file, unless i'm simply not seeing it...
> can these be added, if i'm correct, or can u point me at the approproate
Well, the point of not allowing the username/password to be set in the
configuration file was for security reasons; files could be read by other
users and it is all too easy to forget to properly protect the configuration
files. I think the command line arguments should probably be cleared out
when the process starts, to prevent "ps snooping".
Just my $0.02
-- Andrew Scherpbier <email@example.com> Contigo Software <http://www.contigo.com/> ------------------------------------ To unsubscribe from the htdig mailing list, send a message to firstname.lastname@example.org containing the single word "unsubscribe" in the SUBJECT of the message.
This archive was generated by hypermail 2.0b3 on Sun Jul 04 1999 - 15:41:39 PDT