[Wine] WineHQ database compromise

Josh Juran josh at iswifter.net
Tue Oct 11 18:15:48 CDT 2011

On Oct 11, 2011, at 3:54 PM, Conan Kudo (ニール・ゴンパ) wrote:

> 2011/10/11 Josh Juran <josh at iswifter.net>
>> To clarify, your browser sends your password to bugzilla in cleartext, since HTTPS isn't an option.
> Shouldn't it be possible to modify the login environment so that a salted hash of the password is produced before sending it to the server, to strengthen the security a little bit?

That protects the password itself, but not the privilege it guards.

It also essentially makes Javascript a requirement, which currently it isn't.


More information about the wine-users mailing list