Mailinglist Archive: opensuse-buildservice (176 mails)

< Previous Next >
[opensuse-buildservice] Avoiding leaked passwords in ~/.oscrc
Hi all,

we use OBS in an environment where everyone can see everybody else's
home dirs, so it takes very little abuse of sudo to read my co-workers'
~/.oscrc files. From there it's trivial to decode 'passx' and steal my
co-workers' OBS passwords.

Is there a way to avoid this? And if so, is it documented anywhere?

Thanks,

Greg
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups