[Yum] Re: Usernames, Passwords and yum

Michael Stenner mstenner at ece.arizona.edu
Wed Jun 9 02:19:26 UTC 2004

On Tue, Jun 08, 2004 at 07:06:57PM -0700, Michael Stenner wrote:
> On Tue, Jun 08, 2004 at 03:50:29PM -0500, Michael Favia wrote:
> > I would agree with scrubbing the URI

OK, I just had another thought that reduces my motivation to pursue
this url-scrubbing thing.  We're trying to prevent a regular user from
getting the password, right?  Scrubbing the logging messages is kinda
silly when they can just read the config file.  So, if you really want
the users to not see the password, you should lock down the config
file, at which point, they can't run yum anyway.

Surely, people are going to suggest crazy schemes for solving this
problem, but I'll be really surprised if anyone feels it's actually
valuable enough to implement.


  Michael D. Stenner                            mstenner at ece.arizona.edu
  ECE Department, the University of Arizona                 520-626-1619
  1230 E. Speedway Blvd., Tucson, AZ 85721-0104                 ECE 524G

More information about the Yum mailing list