Menu
▾
▴
[Fetchmail-users] Fetchmail without passwords in plaintext file?
|
From: Bjoern V. <bj...@ar...> - 2018-12-12 13:10:01
|
Matthias Andree wrote: > Regarding plaintext password storage, you don't have to, but fetchmail > had originally been written for end-user consumption and not high-grade > datacenter use. Yes, you know the historical requirements for Fetchmail. But how you think now about unencrypted passwords in Fetchmail? I think, that datacenters are much more secured than mobile devices (e.g. laptops) of average Linux users. Also SOHO servers, NAS devices are often not secured very good. Of course, long-term Linux users (I also started 1996) may still think, that unencrypted passwords in a file with -rw------- permissions are "safe enough". In fact this is somehow true for multi-user computers in secure locations where normal users have no root rights and where the root users are trustworthy. But do we still have to discuss about unencrypted passwords at the end of 2018? Auditors could laugh at us. > If I need to manually (through Git downloads) integrate a merge request > (such as !1 or !11 or others), possibly rebasing it to linearize > history, I cannot properly have Gitlab reflect that, you'll need to read > the comments to see that I did in fact merge them - but not into the > legacy_64 branch, (6.4 BETA) but instead into the master branch, where I > take the 7.0 ALPHA snapshots from. So, that point rejected, but no > offense taken. > > Feel free to check if there are relevant Gitlab bug/feature request > tickets and otherwise write one to permit me to mark things as merged. I > believe Gitorous, or some other Git hosting site, permitted that. OK, thanks for the details. On openSUSE Tumbleweed (a rolling-release distribution) I still have Fetchmail 6.3.26. When 7.0 will be up? I can not do the tasks, at least not this year. If I would do this, I will have to start from zero: Open a Gitlab account, explore the functionality of Gitlab, start playing with PWMD and the Fetchmail patches, ... May be you can contact Ben Kibbey who wrote the patches? He would be much faster. Greetings, Björn |
