
launchpad-dev team mailing list archive

Re: Mirroring branches with username/password

 

Jeroen Vermeulen <jtv@xxxxxxxxxxxxx> writes:
>This just came up and it happens to be something that we discussed
>last cycle: users can now include username/password in URLs for their
>revision control repositories when setting up a mirrored branch, but
>currently the UI will display this information to the public.
>
>The Code team decided that it was not necessary to hide the login
>information since it's meant for anonymous logins (although the
>warning I asked for was added).  But this user seems to have a valid
>use-case for hiding passwords:
>
>    https://answers.launchpad.net/rosetta/+question/100519
>
>In a nutshell: svn repo behind a thin connection, not meant to take a
>full server workload.  Username/password is a great way to get the
>branch onto LP and available to the world, but our displaying the
>login to the public would be a blocker.

If the user is worried about malicious denial-of-service stuff, then
having anon access information published would be a problem.  But a
deliberate DoS is pretty unlikely, and they could avoid any accidental
DoS by setting up a dedicated username/password pair just for Launchpad:

  username: launchpad-ro
  password: lpreadonly

...or whatever.  That would communicate to other users that this is not
a general read-only anonymous access setup, but rather one just for
Launchpad.

I haven't mentioned any of this in the Question #100519, because that
user is still unaware of the new username/password feature entirely.
But I think the above might address that user's concerns.  IMHO,
mirrored branches on Launchpad should show viewers all the information
they'd need to reach the master source; otherwise they are put in the
position of having to trust Launchpad.  Dubious economic policy
notwithstanding, Reagan still had it right with "trust but verify" :-).
It's best if we offer users a way to verify.

-Karl


