Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Steve Dowe <sd@warpuniversal.co.uk>
Date: Fri, 29 Jun 2012 16:13:18 +0100
Message-id: <[🔎] 4FEDC60E.8080903@warpuniversal.co.uk>
In-reply-to: <[🔎] 92FD3E54-D65F-4D68-8D7B-793E6008C676@queernet.org>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] jshqlo$no$5@dough.gmane.org> <[🔎] 4FECA6FB.7090606@eisenbits.com> <[🔎] jsie79$no$18@dough.gmane.org> <[🔎] 4FECE810.4030101@concepts-and-training.de> <[🔎] jskc6a$68h$4@dough.gmane.org> <[🔎] 4FEDB501.1080805@queernet.org> <[🔎] jskdhm$68h$7@dough.gmane.org> <[🔎] 92FD3E54-D65F-4D68-8D7B-793E6008C676@queernet.org>

On 29/06/12 15:36, Roger B.A. Klorese wrote:
> My root credentials for my local machine aren't stored in plaintext.
> And if the local machine is compromised, the critical threat is its
> use as a zombie, not any info that's on it. There simply isn't any
> confidential data.

But the reason for that is that your root password is encrypted using
one-way encryption.  It cannot be decrypted.

But, the result of it being encrypted is compared to the result of the
password you log in with (as root) being encrypted ... if the two match,
that's good enough for PAM, etc.

Obviously, for FZ, you need two-way encryption/decryption.

I know I'm stating the obvious, but I've been told I'm good at that ;)

-- 
Steve Dowe

Warp Universal Limited
http://warp2.me/sd

Reply to:

Follow-Ups:
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Stanisław Findeisen <stf.list.debian.user@eisenbits.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: "Roger B.A. Klorese" <rogerk@queernet.org>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: "Roger B.A. Klorese" <rogerk@queernet.org>

Prev by Date: Re: Filezilla a security risk
Next by Date: Re: buffer bloat or Squid issue ?
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread