FileZilla itself has become a security hole for webmasters.

Come here to discuss FileZilla and FTP in general

Moderator: Project members

Locked
Message
Author
User avatar
Aaron.Walkhouse
500 Command not understood
Posts: 1
Joined: 2009-07-21 00:49
First name: Aaron
Last name: Walkhouse

FileZilla itself has become a security hole for webmasters.

#1 Post by Aaron.Walkhouse » 2009-07-21 01:02

See: http://blog.stopbadware.org/2009/07/16/ ... d-websites

As the FZ client currently stores passwords unencrypted and in plain text in sitemanager.xml,
do you have any plans to close this obvious security hole by encrypting the passwords or the file?

User avatar
botg
Site Admin
Posts: 35491
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileZilla itself has become a security hole for webmasters.

#2 Post by botg » 2009-07-21 07:38

The security hole is elsewhere. If there is malware on the system it cannot be trusted, no encryption helps there.

End of discussion.

Locked