
Re: passwords in .fetchmailrc



The danger in putting your password in .fetchmailrc:  
it is an obvious place to look.

Suppose that I were a cracker, and that I were 
eager to find a way to compromise your account.
(Note the subjunctive here).

Say that I find a way to have your computer send me the contents of any
file (this is a common hole that is often found; while it is 
not as serious as a hole that gives shell access, it is also more
common.  Old versions of sendmail did this.)

First, I would get /etc/passwd.  This would tell me the location
of all the user home directories on your computer, and provide
me with the _encrypted_ passwords (if you use shadow passwords,
I will get /etc/shadow as well).

Now, armed with the location of your homedir, say /home/luser,
I request the following files:

  /home/luser/.fetchmailrc
  /home/luser/.netrc

These files both exist primarily for the purpose of storing
unencrypted passwords (along with other config info).

If I am lucky, one of these files will have your unencrypted password.
I can then crypt your password and see if it is the password
on your linux box (all that I know is that it is a password on another computer).

Whether you need to worry about this scenario depends on how paranoid you
are and how much you value the secrecy of your files. 

If you do not check your mail often, you could enter the password each time.
Or, if you are connected for long periods of time, you could run
fetchmail -d, enter your password once, and let fetchmail pause
between fetches.

Carl
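The scenario above, turned into a defensive check (an added example, not from the original post or from fetchmail itself): a POSIX shell audit that walks the home directories listed in a passwd-format file and flags any .fetchmailrc or .netrc that stores a password while being readable by group or others. The passwd file argument, the file layout and the sample entries are assumptions.

```shell
#!/bin/sh
# Added example: audit home directories for cleartext mail passwords
# that are exposed to other local users via loose file permissions.
# Exit status: 0 = nothing exposed, 1 = at least one exposed file.

# Check one home directory for .fetchmailrc / .netrc holding a password.
audit_home() {
    home_dir=$1
    home_rc=0
    for f in "$home_dir/.fetchmailrc" "$home_dir/.netrc"; do
        [ -f "$f" ] || continue
        # Both file formats spell the secret as "password <value>"
        # (fetchmail also accepts the short form "pass").
        if grep -Eiq '(^|[[:space:]])pass(word)?[[:space:]]' "$f"; then
            mode=$(ls -l "$f" | cut -c1-10)      # e.g. -rw-r--r--
            go_bits=$(ls -l "$f" | cut -c5-10)   # group + other bits only
            case $go_bits in
                *r*) echo "EXPOSED: $f stores a password and is $mode"
                     home_rc=1 ;;
                *)   echo "ok: $f stores a password but is $mode" ;;
            esac
        fi
    done
    return $home_rc
}

# Walk every home directory (field 6) in a passwd-format file.
# Assumption: the file has the usual name:pw:uid:gid:gecos:home:shell layout.
audit_all() {
    all_rc=0
    while IFS=: read -r _ _ _ _ _ home_field _; do
        if [ -d "$home_field" ]; then
            audit_home "$home_field" || all_rc=1
        fi
    done < "$1"
    return $all_rc
}

# Stand-alone usage: sh audit.sh /etc/passwd
if [ $# -gt 0 ]; then
    audit_all "$1"
fi
```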