Bug#779708: Client for updating dynamic hostname mappings for dy.fi
Eugene Zhukov <jevgeni.zh@gmail.com> writes:
> Would anyone be interested in sponsoring its client package:
> https://bugs.debian.org/780096
Some comments:
1) does dy.fi really require you to send the password in an unencrypted
HTTP request?
2) Does the service really need to run as root?
3) Doesn't
db_get dyfi/password
sed -i "s/^Password.*/Password $RET/" /etc/dyfi-update.conf
in debian/postinst let all local users to see the password if they type
"ps axuf" at the right moment?
Reply to: