cURL / Mailing Lists / curl-users / Single Mail


Re: [ Bug#178473: curl: local user information leak]

From: Domenico Andreoli <>
Date: Tue, 28 Jan 2003 17:26:18 +0100

On Tue, Jan 28, 2003 at 04:43:44PM +0100, Daniel Stenberg wrote:
> Still, this must remain treated as an extra precaution and we should
> encourage people who cares about security to NOT pass sensitive information
> in command line options. It has been mentioned in the curl FAQ for years.
i agree and for this reason i would not even apply the patch.

BTW, in curl manpage there is a reference to a README.curl in the
description of switch -u. debian bug #17850.


-----[ Domenico Andreoli, aka cavok
   ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50

This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
Received on 2003-01-28