Symptom Using the FTP feature of mc shows the password in the file transfer screen. See snippet below (sorry, the ASCII art didn't transfer well):
lqqqqqqqqqqqqqqqqqqqqqqqqqqq Copy qqqqqqqqqqqqqqqqqqqqqqqqqqqk x Copy 4 files with source mask: x x * [^] x x [x] Using shell patterns x x to: x x /#ftp:mylogin:[EMAIL PROTECTED]/httpdocs/tautog [^] x x [ ] follow Links [ ] Dive into subdir if exists x x [x] preserve Attributes [ ] Stable Symlinks x x [< Ok >] [ Background ] [ Cancel ] x x x mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj (I edited my username and password for obvious reasons.) Recommendation I feel this is an exposure that need not exist. If mc is being used in a demonstration, or when people are around, the initial logon can be shielded from view, but when transferring many files, this is not practical. MC Data OS: Linux (SuSE 7.3) mc -V: The Midnight Commander 4.5.54 Edition: text mode Virtual File System: tarfs, extfs, ftpfs, mcfs, undelfs With builtin Editor Using S-lang library with terminfo database With subshell support: as default with mouse support on xterm and the Linux console. Using locale "en_US" (from environment variable LANG) Regards, George _______________________________________________ Mc mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/mc
