Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Camaleón <noelamac@gmail.com>
Date: Sat, 30 Jun 2012 09:19:05 +0000 (UTC)
Message-id: <[🔎] jsmga9$djv$3@dough.gmane.org>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] jshqlo$no$5@dough.gmane.org> <[🔎] 4FECA6FB.7090606@eisenbits.com> <[🔎] jsie79$no$18@dough.gmane.org> <[🔎] 4FECE810.4030101@concepts-and-training.de> <[🔎] jskc6a$68h$4@dough.gmane.org> <[🔎] 4FEDBF4D.6040905@concepts-and-training.de> <[🔎] jskgm9$68h$11@dough.gmane.org> <[🔎] 4FEDD417.7070607@concepts-and-training.de> <[🔎] jskmhd$68h$16@dough.gmane.org> <[🔎] 4FEDFC1E.9080902@concepts-and-training.de>

On Fri, 29 Jun 2012 21:03:58 +0200, Denis Witt wrote:

(...)

>> and hey, it's open source! You can hire a programmer, make a fork
>> ("FileZilla-S" for secure) and add all the enhancements you want ;-
> 
> Forking a program for a single little feature doesn't make a lot of
> sense to me. 

If you value so much that feature and you really like the application, 
why not?

> Either you will have to patch the upstream version every now and then
> or you end up with a Fork that doesn't get any new features, also it
> might confuses some users.

Then move on :-)

But remmember this is very common for another programs. In Windows 
systems, for instance, the login credentials of many applications remain 
stored accessible from the registry so no gain here. In the linux 
ecosphere, as I already mentioned (i.e., mutt, the ssl keys and another 
one I remember is phpmyadmin when using a determined auth type), it 
happens the same.

I wonder if a feasible approach to store credentials in clear text for 
FileZilla would be using something like the gnome-keyring or a similar 
implementation for the different OSes or linux boxes, although of course, 
this would add additional drawbacks.

Greetings,

-- 
Camaleón

Reply to:

Follow-Ups:
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Stanisław Findeisen <stf.list.debian.user@eisenbits.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

Prev by Date: Re: DHCP + DNS questions
Next by Date: Re: Joining pcl and jpg in Gimp.
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread