Francis Mouthaud wrote:
> I hope that squid Squid will be smarter very soon because it is a real
>
> security problem.
>
> Just look at this: http://www.ntshop.net/security/ns4.htm
>
I just read this and do not see what squid has to do with Netscape
storingthe password in it's own logfile!
Yes, storing them in squid is perhaps not the best idea, especially in
plain text
but then again sending a password in URL is kinda like getting credit
card
details using the GET method - i.e. a bit silly really :)
I am sure squid could easily filter out ftp://usr:passwd@host.tld and
not log it.
-- Leigh PorterReceived on Wed Jul 09 1997 - 01:26:23 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:42 MST