[aur-general] Securing the AUR website

Thomas Bächler thomas at archlinux.org
Sat Aug 6 07:39:43 EDT 2011


On 06.08.2011 13:13, Lukas Fleischer wrote:
> On Sat, Aug 06, 2011 at 01:02:03PM +0200, Thomas Bächler wrote:
>> On 05.08.2011 23:54, Lukas Fleischer wrote:
>>> [1] http://projects.archlinux.org/aur.git/commit/?id=1e7b9d57
>>> [2] http://projects.archlinux.org/aur.git/commit/?id=5ea9fc19
>>> [3] http://projects.archlinux.org/aur.git/commit/?id=973e4f85
>>> [4] http://projects.archlinux.org/aur.git/commit/?id=89721137
>>
>> Those commits are nothing but a charade. The very least you must do is this:
>>
>> 1) ALWAYS force a redirect to https on the AUR login page, never allow
>> the login to be submitted unencrypted.
> 
> Thought about that. The problem is that there currently isn't a separate
> login page. Maybe removing the overall login form and creating a
> separate page for that will make things easier.

Then at least hardcode https for the login form, so the password is
always sent securely. This will still have the problems Florian
mentioned, but it is better than nothing.

Alternatively: Do not display a login form on http, instead display a
link "If you want to login, switch to a secure connection first.". This
way, the user verifies the certificate and URL first (by looking at the
URL bar), then enters his password.

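The three options raised in this message, written out as a PHP sketch. This is an added example, not code from the AUR repository or from anyone in the thread. It assumes the site is PHP, that the canonical secure host is https://aur.archlinux.org/ and that the login handler lives at /login/ (all three are assumptions), and that $_SERVER['HTTPS'] reflects the real connection, which is not the case behind a TLS-terminating proxy.

```php
<?php
// Added example (not AUR code). Enforces that the login form is only shown and
// only accepted over HTTPS, following the three suggestions in the thread.
// SECURE_HOST and the /login/ path are assumptions for illustration.

const SECURE_HOST = 'aur.archlinux.org';

// PHP sets $_SERVER['HTTPS'] to a non-empty value (other than "off" on IIS)
// when the request itself came in over TLS. Behind a proxy that terminates
// TLS this is empty and you would have to trust a forwarded header instead,
// which is a separate decision; this example only trusts the local socket.
function request_is_https(array $server)
{
    return !empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off';
}

function secure_url($path)
{
    return 'https://' . SECURE_HOST . $path;
}

// Option 1 from the thread: never let a login be submitted unencrypted.
// Call this at the very top of the login handler, before reading $_POST.
// A request that arrived over http is redirected without its credentials
// ever being looked at; 303 makes the browser follow with a GET rather
// than re-POSTing the password to the new location.
function require_https_for_login(array $server)
{
    if (!request_is_https($server)) {
        $path = isset($server['REQUEST_URI']) ? $server['REQUEST_URI'] : '/';
        header('Location: ' . secure_url($path), true, 303);
        exit;
    }
}

// Option 2: hardcode https in the form action, so the password is sent
// encrypted even when the page carrying the form was served over http.
// The form itself can still be altered in transit on an http page, which
// is the remaining problem the message acknowledges.
function login_form_html()
{
    $action = htmlspecialchars(secure_url('/login/'), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">'
         . '<input type="text" name="user" autocomplete="username">'
         . '<input type="password" name="passwd" autocomplete="current-password">'
         . '<input type="submit" value="Login">'
         . '</form>';
}

// Option 3: on plain http show no form at all, only a link to the same page
// over https, so the user checks the certificate and URL bar before typing.
function login_widget_html(array $server)
{
    if (!request_is_https($server)) {
        $path = isset($server['REQUEST_URI']) ? $server['REQUEST_URI'] : '/';
        $href = htmlspecialchars(secure_url($path), ENT_QUOTES, 'UTF-8');
        return '<p>If you want to login, <a href="' . $href . '">'
             . 'switch to a secure connection</a> first.</p>';
    }
    return login_form_html();
}

// Usage in the page template: echo login_widget_html($_SERVER);
// Usage in the login handler:  require_https_for_login($_SERVER);
```

Options 1 and 3 belong together: the handler must refuse cleartext submissions regardless of what the page shows, otherwise a form injected into the http page could still post the password in the clear.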