On 22.04.2023 10:27, Branko Čibej wrote:
On 21.04.2023 16:43, Johan Corveleyn wrote:
My plan is to revert r1845377 during next weekend. For the first bulletpoint
nothing has to be done, but if consensus changes during the week, I can do the
work to to implement option 1. For the second bullet point I'd like to reach
consensus (on the short- and long term plan) by the same time, then if we
decide on 2/3 we will put it on the wish list for a future release.
Great!
There was one additional suggestion: obfuscate plaintext passwords, or
encrypt them with a key embedded in the code (or even with a key
supplied at compile-time).
There's actually a branch for that, but the feature never made it to
trunk.
I'll just add that the intent of that branch is to properly encrypt
passwords at least on Linux, not to obfuscate them or embed a key in the
code. The latter is worse than storing in plain text, because the effect
is the same but it adds a veneer of false sense of security.
-- Brane
