Why is `~/.hgrc` a remote security hole when checked in?

Dirk Heinrichs dhs at recommind.com
Tue Oct 15 05:42:23 UTC 2013


Am 14.10.2013 23:45, schrieb Sam Steingold:

> I was told on http://bz.selenic.com/show_bug.cgi?id=3147
> that `~/.hgrc` is a remote security hole when checked in.

Being a security hole or not, it's considered bad habit to mess with
users config files. If you want to provide a default configuration for
everyone, /etc is the place to put it in.

Bye...

    Dirk
-- 

*Dirk Heinrichs*, Senior Systems Engineer, Infrastructure
*Recommind GmbH*, Von-Liebig-Straße 1, 53359 Rheinbach
*Tel*: +49 2226 1596666 1149
*Email*: dhs at recommind.com <mailto:dhs at recommind.com>
*Skype*: dirk.heinrichs.recommind
www.recommind.com <http://www.recommind.com>


http://www.recommind.com



More information about the Mercurial mailing list