diff options
author | Julian Andres Klode <julian.klode@canonical.com> | 2019-12-02 11:46:49 +0100 |
---|---|---|
committer | Julian Andres Klode <julian.klode@canonical.com> | 2019-12-02 14:27:38 +0100 |
commit | 93f33052de84e9aeaf19c92291d043dad2665bbd (patch) | |
tree | 667c4240b6f6fb9c91ae20b655478508b09d6214 /doc/xml.add | |
parent | 1690c3f87ae45a41e8d3e09bf0b1021c008460b9 (diff) |
netrc: Restrict auth.conf entries to https by default
This avoids downgrade attacks where an attacker could inject
Location: http://private.example/
and then (having access to raw data to private.example, for example,
by opening a port there, or sniffing network traffic) read the credentials
for the private repository.
Closes: #945911
Diffstat (limited to 'doc/xml.add')
0 files changed, 0 insertions, 0 deletions