Michael Haggerty <mhag...@alum.mit.edu> writes: > I think the problem is yet another step earlier: why do we build tools > that encourage people to store passwords in plaintext in a configuration > file that is by default world-readable?
True. This particular one mentioned in the thread predates credential helpers, so it is not faire to say "encourage". We didn't and we don't. Care to do a patch to deprecate sendemail.smtppass (i.e. give warnings to users when it is used) and perhaps replace it with something based on the credential store or something? -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
