boinc pages set an "auth cookie"on the client/browser side - so people don't
have to login every time they visit. it is just a string (authenticator) in a
local file on their client web browser, i.e. cached in Internet Explorer,
Safari, etc. So it is safe, i.e. a hacker would have to be on their local
computer or get access to their local cache file to find the authenticator
string etc (and if they could do that then the person is royally screwed anyway
;-)
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
