[IPython-dev] host completer patch

Fernando Perez fperez.net at gmail.com
Sun Nov 25 17:48:31 EST 2007


On Jul 16, 2007 2:42 PM, Gael Pasgrimaud <gawel at afpy.org> wrote:
>
> Le 16 juil. 07 à 19:07, Fernando Perez a écrit :
>
> > On 7/16/07, Gael Pasgrimaud <gawel at afpy.org> wrote:
> >
> > This is NOT hypothetical, in fact the only breakin I've ever been a
> > victim of had this pattern, and was made MUCH more serious thanks to
> > an unhashed known_hosts (it was an old mismanaged Solaris box, years
> > ago).
> >
>
> Ouch ! But known_hosts is not the only file with host names.
> What about ~/.ssh/config ? I don't think this one can be encrypted
> one day.
>
> >
> > But we're in the business of being useful to people, not enforcing
> > policy on them.  I'd be happy to include your patch if you modify it
> > to include a docstring explaining the above, making very clear the
> > consequences of enabling it.  At least if people do this, they should
> > know *exactly* the exposure they are generating.
> >
>
> Ok, done. My english is quite poor but i've tried to be as clear as
> possible.
> I've also put a link to this thread since your example is really
> meaningful.

Thanks!  I've just added this, and it will be part of 0.8.2 once we
put it out (later today if I can finish flushing my queue).

Cheers,

f



More information about the IPython-dev mailing list