On 12/4/2008 at 1:16 PM, Marcus Hüwe suse-tux@gmx.de wrote:
On 2008-12-04 12:56:44 +0100, Dominique Leuenberger wrote:
On 12/4/2008 at 12:54 PM, Marcus Hüwe suse-tux@gmx.de wrote:
First thanks for your patch but I'm a bit hesitant to add a gnome
dependency
to osc (although it's optional). What about if we simply store
the
password
base64 encoded in the ~/.oscrc file? Wouldn't this be sufficient?
BASE64 is as good as no encryption at all. Trying to obfuscate has nothing to do with securing anything.
Of course it has nothing to do with security but it prevents others from "stealing" one's password by just "looking over the shoulder". I thought this was his main concern.
Pretty doubtful, as probably he's not editing the .oscrc that often ;) so just by looking over the shoulder, hardly any damage can be done. But maybe I interpreted more than there is... could be.
Dominique