FileZilla itself has become a security hole for webmasters.

Come here to discuss FileZilla and FTP in general

Moderator: Project members

Locked
Message
Author
User avatar
Aaron.Walkhouse
500 Command not understood
Posts: 1
Joined: 2009-07-21 00:49
First name: Aaron
Last name: Walkhouse

FileZilla itself has become a security hole for webmasters.

#1 Post by Aaron.Walkhouse » 2009-07-21 01:02

See: http://blog.stopbadware.org/2009/07/16/ ... d-websites

As the FZ client currently stores passwords unencrypted and in plain text in sitemanager.xml,
do you have any plans to close this obvious security hole by encrypting the passwords or the file?

User avatar
botg
Site Admin
Posts: 31659
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: FileZilla itself has become a security hole for webmasters.

#2 Post by botg » 2009-07-21 07:38

The security hole is elsewhere. If there is malware on the system it cannot be trusted, no encryption helps there.

End of discussion.

Locked