Re: mc security exposure

From: Pavel Roskin <proski gnu org>
To: George Toft <george georgetoft com>
Cc: mc gnome org
Subject: Re: mc security exposure
Date: Fri, 15 Feb 2002 23:24:12 -0500 (EST)

Hi, George!

Using the FTP feature of mc shows the password in the file transfer
screen.  See snippet below (sorry, the ASCII art didn't transfer well):


I could not reproduce this problem with the CVS version of MC.

Recommendation
I feel this is an exposure that need not exist.  If mc is
being used in a demonstration, or when people are around,
the initial logon can be shielded from view, but when transferring
many files, this is not practical.


I agree.

-- 
Regards,
Pavel Roskin

References:
- mc security exposure
  - From: George Toft

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]