Comment 1 for bug 1354208
Revision history for this message
| David Stanek (dstanek) wrote Re: Catalog replacement allows reading config | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
I like whitelists because we can carefully select what can be used and it's much harder to accidentally have bad things fall through. Also there are things like IPs, ports, usernames, etc. not marked as secret that can used used in part as a social engineering attack.
On the other hand this could be very tedious to manage, but I can't imagine there is more than a handful of things that could be used in endpoints.