On Sun, May 18, 2003 at 07:17:09AM -0700, Bugsy wrote: > > Checking passwords > cvs -d :pserver:rootat_private:/wrong/cvs/root > login > Tells me if i got the root password right or not. Hmm, I've never been in any environement where CVS didn't have it's own, separate, password and group files. So this should not yield an actual user passwords. Assuming the password is different then the system one. I agree that the error messages should be terser in order to leak less information, possibly with an n seconds timeout after an error. Alex
This archive was generated by hypermail 2b30 : Tue May 20 2003 - 08:47:46 PDT