Hi Dne Mon, 26 Jan 2009 18:47:31 +0100 (CET) "Joop Boonen" <joop_boonen@web.de> napsal(a):
I've checked out ~/.oscrc I saw that my password can be found in plain text.
As someone who would be able to read this file would be able to change packages that I have created. I'm rather worried about it. The package could easily be piggy backed with mall ware.
I'm wondering wouldn't it be possible to put an encrypted password? Or even better to work with ssh keys?
An other option would be that the password wouldn't be saved.
I also did not like this and I posted a patch in bugzilla [1] for optional usage of GNOME Keyring for passwords. [1]: https://bugzilla.novell.com/show_bug.cgi?id=460540 -- Michal Čihař | http://cihar.com | http://blog.cihar.com