On Tue, 2003-10-07 at 11:10, Louis Kyu Won Ryu wrote:
There are some holes, such as the list of user IDs,
preferences, and
passwords, which are not kept in the public backups seeing as how the
passwords are kept in the database in plaintext. As a practical matter,
however, this is a minor point.
FWIW, the passwords are not kept plaintext, but are hashed. It's not the
most secure hash in the world, though, and e-mail addresses are stored
in plaintext. (Or they wouldn't be much good would they? ;)
-- brion vibber (brion @
pobox.com)