[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Insidious Spam/swen/Garbage

On Sun, 26 Oct 2003 at 23:48 GMT, Ron Johnson penned:
> On Sun, 2003-10-26 at 13:31, Monique Y. Herman wrote:
>> On Sun, 26 Oct 2003 at 14:11 GMT, Wayne Topa penned:
>> > 
>> > If you add set pop_host=pop.gmx.net, set pop_user=xxxxxxx and set
>> > pop_pass=????  to your .muttrc then   mutt -f pop://  will connect
>> > without typeing so much.  :-)
>> > 
>> > This works in version 1.5.4-1 (testing) as well....
>> > 
>> > Isn't linux neat!!
>> 
>> Of course, your password will then be in plain-text in a file.  If
>> you are the only person with root access, this probably isn't a big
>> deal until your box gets hacked, but this sort of thing always gives
>> me the willies.
> 
> But even for non-root users of the same system, all they'd have to do
> is do 'cat ~<foo>/.muttrc', unless .muttrc is only owner- readable
> (like .fetchmailrc).
> 

Sure, but that can be fixed, as you say, with permissions changes.  You
can't fix the fact that superusers can read your password.

-- 
monique
Unless you need to share ultra-sensitive super-spy stuff with me, please
don't email me directly.  I will most likely see your post before I read
your mail, anyway.
Reply to: