On Fri, Aug 28, 2009 at 5:25 PM, <wagne...@seas.upenn.edu> wrote:
> I can imagine all kinds of situations with "benevolent" attackers. For
> example, what about a girlfriend that pokes around your hard drive looking
> for lolcats when she's bored? One glance at .fetchmailrc would show it's
> not a lolcat; but that same glance could show a password that you don't
> really want her to know.

It took over 7 years before I would even tell my wife my login password; I've since changed it and won't share it. And I trust her implicitly with my machine -- there is nothing on there that I'm not happy for her to see :-)

So, how does the putative bored girlfriend poke around your hard-drive in the first place, in this scenario? If you are letting her use your account and poke around your machine in the first place, how does her seeing a password cause a problem?

If you don't want someone to know something, don't put them in a situation where they might find it. You shouldn't expect a program to employ a pointless encryption/obscuration scheme just because you don't look after your other data. You are increasing the complexity of the code, increasing the complexity of the testing environment, increasing the opportunity for bugs to occur (possibly causing data loss?), and protecting against nothing.

Now, there is an approach used by mutt that sup doesn't seem to use, which is to prompt the user at the beginning of a session for the various source passwords; this way they are only held in memory (and swap files, probably). That may be a way out of the situation; as a mail client is inherently an interactive program, there's no harm in prompting for things missing from the config, I think.

-jim

_______________________________________________
sup-talk mailing list
sup-talk@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-talk
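
The prompt-at-session-start approach described in the message above, sketched in Ruby as an added example; it is not part of the original post and is not sup's or mutt's code. The source-list layout and the names `session_passwords`, `TTY_PROMPT` and `NEEDS_LOGIN` are hypothetical, and the sample sources are constructed.

```ruby
require "io/console"
require "uri"

# Constructed sample: sources as they might look after loading a config file.
# Hypothetical layout, not sup's real configuration schema.
SAMPLE_SOURCES = [
  { "uri" => "imaps://mail.example.org/INBOX", "username" => "jim" },
  { "uri" => "imaps://imap.example.net/INBOX", "username" => "jim",
    "password" => "stored-in-file" },
  { "uri" => "maildir:/home/jim/Maildir" },
].freeze

# Schemes that need a login; local sources are never prompted for.
NEEDS_LOGIN = %w[imap imaps pop pops].freeze

# Default prompt: read from the controlling terminal with echo disabled,
# so the password is neither shown on screen nor written to any file.
TTY_PROMPT = lambda do |label|
  console = IO.console or raise "no terminal available to prompt for #{label}"
  console.print "Password for #{label}: "
  secret = console.noecho(&:gets)
  console.puts
  secret.to_s.chomp
end

# Returns { uri => password }, held only in this process's memory.
# A password present in the config is used as-is; a network source
# without one triggers a prompt; an empty answer is rejected.
def session_passwords(sources, prompt: TTY_PROMPT)
  sources.each_with_object({}) do |src, secrets|
    uri = URI.parse(src["uri"])
    next unless NEEDS_LOGIN.include?(uri.scheme)

    label = "#{src['username']}@#{uri.host}"
    password = src["password"]
    password = prompt.call(label) if password.nil? || password.empty?
    raise ArgumentError, "empty password for #{label}" if password.empty?

    secrets[src["uri"]] = password
  end
end
```

The `prompt:` parameter exists so the terminal read can be swapped out in tests or for a GUI front end; the returned hash is never serialised back to the config.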