>> darcs pull http://user:[EMAIL PROTECTED]
> This is what I have been using for my own restricted and read-only > repositories. The only problem with this is that the username and > password are sent in the clear plus it gets stored in at least 2 > places. So you might want to consider the following: > - If you are using a shell with history features the command > containing your username and password will be stored in the history > file (.bash_history). darcs pull "http://user:$(cat ~/.password)@host.com" > - As Mark pointed out above, the URL of your last used repository will > be stored in _darcs/prefs/repos since the username and password was > part of your URL, it will be stored also. Yes. > HTTP Basic Authentication is not all that secure if you think about > it. But I use it because I found out that some bots (or programs > masquerading as bots) managed to crawl into the repository folder > despite the fact that it is named in my robots.txt file DENY list. > There are other ways to protect against this but HTTP Basic > Authentication is the simplest solution. This cannot be overstated enough. Juliusz _______________________________________________ darcs-users mailing list [email protected] http://www.abridgegame.org/mailman/listinfo/darcs-users
