bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#34145: 27.0.50; Writing .authinfo needs better confirmation

From: Michael Albinus
Subject: bug#34145: 27.0.50; Writing .authinfo needs better confirmation
Date: Thu, 10 Oct 2019 07:26:27 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) 
Lars Ingebrigtsen <larsi@gnus.org> writes:

>> A Tramp user has reported recently, that writing a password into
>> .authinfo happened too easily, without proper confirmation
>> request. Granted, there was a `y-or-no-p' style question, but obviously
>> he has accepted w/o thinking too much. See
>> <http://lists.gnu.org/archive/html/help-gnu-emacs/2019-01/msg00054.html>.
>>
>> Since this is sensible data, he proposes to make it harder to
>> confirm. `auth-source-netrc-saver' should offer an alternative
>> confirmation prompt, more like `yes-or-no-p'. Which prompt to apply
>> should be configurable.
>
> It's a multiple-choice thing:
>
>                        (concat "(y)es, save\n"
>                                "(n)o but use the info\n"
>                                "(N)o and don't ask to save again\n"
>                                "(e)dit the line\n"
>                                "(?) for help as you can see.\n"))
>
> So I don't think a yes-or-no-p-like action here is practical.
>
> Anybody got an opinion?

Honestly, I'm undecided. The major idea of this request was to make it
harder to save a password string somewhere. Just a single ky is too easy.

To my taste, yes/no is sufficient. This choice does not need to ask,
whether the entered password shall be applied. It is obvious that it should.

Best regards, Michael.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]