Message137424
> Distutils doesn't validate PyPI server certificate, so this change
> doesn't prevent from MITM attacks, but at least it makes package
> submissions over wireless channels and public networks safer.
Is that so? It's been a while, but I think e.g. ettercap is a highly
automated tool for MITM attacks that isn't very hard to use. |
|
Date |
User |
Action |
Args |
2011-06-01 07:30:15 | skrah | set | recipients:
+ skrah, loewis, barry, techtonik, tarek, eric.araujo, Arfrever, alexis |
2011-06-01 07:30:15 | skrah | set | messageid: <1306913415.13.0.571167549516.issue12226@psf.upfronthosting.co.za> |
2011-06-01 07:30:14 | skrah | link | issue12226 messages |
2011-06-01 07:30:14 | skrah | create | |
|