tag 341300 + pending patch thanks On Wed, Nov 30, 2005 at 09:49:21AM +1100, Richard Jones wrote: > Definately take it out. In some sense it doesn't matter if its 600, > as if you can read that file then you are likely to be able to modify > the executables and capture the password anyway but the purists will > not buy that argument :-)
Right you are :) I'll upload 0.6-2 soon (after I get confirmation that #341301 is not an actual problem), with the following patch applied: --- gmailfs-0.6/gmailfs.py 2005-11-29 14:54:52.000000000 -0800 +++ /tmp/dpep.qsAPbU/gmailfs-0.6/gmailfs.py 2005-11-29 15:00:19.000000000 -0800 @@ -544,7 +544,10 @@ log.info("Mountpoint: %s" % self.mountpoint) log.info("Unnamed mount options: %s" % self.optlist) - log.info("Named mount options: %s" % self.optdict) + # obfuscate sensitive fields before logging + loggableOptdict = self.optdict.copy() + loggableOptdict['password'] = '*' * 8 + log.info("Named mount options: %s" % loggableOptdict) # do stuff to set up your filesystem here, if you want Cheers, --Seb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]