MC passwords in images?

Andreas Raab andreas.raab at gmx.de
Fri Nov 4 21:01:47 UTC 2005


Please, stop trolling.

   - Andreas

Martin Wirblat wrote:
> The image *is* the reasonably secure location and it is the primary 
> reasonable place in a Smalltalk world for passwords. You just have to 
> remember that it contains data ;-) And there is more than just 
> Monticello passwords - usually overlooked in such cases like yours. What 
> about a "deprivatizing" method that
> 
> - gets called on invoking "save as.." or "save as new version" and a 
> confirmation from the user regarding the deleting of sensitive data
> - clears passwords, proxy info etc.
> - can possibly be registered like #shutDown
> 
> Regards,
> Martin
> 
>  Andreas Raab wrote:
> 
>> Hi Folks,
>>
>> I just noticed that I handed out a whole bunch of images with 
>> plain-text passwords for various of the more sensitive repositories, 
>> thanks a lot (and no, if you have one of those it won't work any 
>> longer - I changed them). So for those of you who use MC and at times 
>> pass images around it is probably useful to check who's been in those 
>> repositories recently.
>>
>> Oh, and is anyone out there interested in implementing a password 
>> manager that stores passwords *outside* of an image in a reasonably 
>> secure location?
>>
>> Cheers,
>>   - Andreas
>>
>>
> 
> 
> 




More information about the Squeak-dev mailing list