On Sun, Sep 29, 2013 at 6:14 PM, Chad Perrin <c...@apotheon.net> wrote:
> My understanding is that the concern raised was about copying (i.e. > shell command cp, or maybe scp), not syncing. > It would only be copied if someone copies their checkout db file, which would be a highly unusual thing to do. Of course, when copying your whole home dir or some such it would be copied along with anything else, but there is _certainly_ more sensitive info under one's home dir than the list of fossil commands one called while under a given checkout. i.e. i don't personally consider this to be any sort of security thread, but... there are those with a better eye for this sort of thing. For example, i'm not going to add saving of command arguments (only the command name) because BohwaZ pointed out the case of passing a password to the commands which take a URL, and i do not want to special-case any of the arguments to handle that (there's always another corner case which will slip by...). In any case, this feature is very low on the prio list, and it's still not clear whether it should really be added or allowed to die off quietly. While i find it an interesting feature, it's certainly not vital and it does have a number of touchy questions associated with it. Opinions are of course welcomed. -- ----- stephan beal http://wanderinghorse.net/home/stephan/ http://gplus.to/sgbeal
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
