[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#34145: 27.0.50; Writing .authinfo needs better confirmation
From: |
Michael Albinus |
Subject: |
bug#34145: 27.0.50; Writing .authinfo needs better confirmation |
Date: |
Thu, 10 Oct 2019 07:26:27 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Lars Ingebrigtsen <larsi@gnus.org> writes:
>> A Tramp user has reported recently, that writing a password into
>> .authinfo happened too easily, without proper confirmation
>> request. Granted, there was a `y-or-no-p' style question, but obviously
>> he has accepted w/o thinking too much. See
>> <http://lists.gnu.org/archive/html/help-gnu-emacs/2019-01/msg00054.html>.
>>
>> Since this is sensible data, he proposes to make it harder to
>> confirm. `auth-source-netrc-saver' should offer an alternative
>> confirmation prompt, more like `yes-or-no-p'. Which prompt to apply
>> should be configurable.
>
> It's a multiple-choice thing:
>
> (concat "(y)es, save\n"
> "(n)o but use the info\n"
> "(N)o and don't ask to save again\n"
> "(e)dit the line\n"
> "(?) for help as you can see.\n"))
>
> So I don't think a yes-or-no-p-like action here is practical.
>
> Anybody got an opinion?
Honestly, I'm undecided. The major idea of this request was to make it
harder to save a password string somewhere. Just a single ky is too easy.
To my taste, yes/no is sufficient. This choice does not need to ask,
whether the entered password shall be applied. It is obvious that it should.
Best regards, Michael.