Andrew Scherpbier (email@example.com)
Sun, 04 Jul 1999 16:20:23 -0700
Darrell Berry wrote:
> the -u option on htdig seems a security hole...as these command line
> options can be exposed by crafty ps options (correct?)...but they dont
> sem settable in the config file, unless i'm simply not seeing it...
> can these be added, if i'm correct, or can u point me at the approproate
Well, the point of not allowing the username/password to be set in the
configuration file was for security reasons; files could be read by other
users and it is all too easy to forget to properly protect the configuration
files. I think the command line arguments should probably be cleared out
when the process starts, to prevent "ps snooping".
Just my $0.02
-- Andrew Scherpbier <firstname.lastname@example.org> Contigo Software <http://www.contigo.com/> ------------------------------------ To unsubscribe from the htdig mailing list, send a message to email@example.com containing the single word "unsubscribe" in the SUBJECT of the message.
This archive was generated by hypermail 2.0b3 on Sun Jul 04 1999 - 15:41:39 PDT