X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C7AEB3.6209CB0D@onstor-exch02.onstor.net>; Thu, 14 Jun 2007 10:39:47 -0800
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-class: urn:content-classes:message
Subject: RE: pleaze revue
Date: Thu, 14 Jun 2007 10:39:47 -0800
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E02215856@onstor-exch02.onstor.net>
In-Reply-To: <20070614091525.7010f369@ripper.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: pleaze revue
Thread-Index: AceunzewcjLdt5LjRWSu7+/UiCZKkQAEa5fQ
From: "Larry Scheer" <larry.scheer@onstor.com>
To: "Andy Sharp" <andy.sharp@onstor.com>

I wanted to talk to you but couldn't find you and I keep getting
interrupted. Here is my input.

Line 18: DEF_HTTP_URL is set and never referenced. If this is just a
place holder to remind you to do more with it in the next rev then leave
it.

Lines 686-700 I think the customers have something else in mind. I
honestly believe this method of covering the password will be rejected
or future defects will be filed. I've seen this technique rejected over
and over again at Apollo Computer, HP, and other places. Customers just
aren't happy with it because the password is exposed in plain text as it
is being typed.=20

I still think you need to parse the ftp_url that is given on the command
line and prompt the user if the password is missing and not expose what
the user types when prompted.

But hey, if your intention is to get the other changes checked in and
see if QA will accept it then go ahead and submit it. But I really think
this is a case of fix it now or fix it later.

Larry

-----Original Message-----
From: Andy Sharp=20
Sent: Thursday, June 14, 2007 9:15 AM
To: Larry Scheer
Subject: Re: pleaze revue

Resending, since I haven't heard a peep from you on this.

Please give this priority, it needs to be checked in asap.  Thanks.

Change 24270 by andys@ripper on 2007/06/13 13:30:10 *pending*

        Obfuscate ftp password.
        Tidy up default FTP URL.
        Clean up some wording.
        Tested both FTP and HTTP URLs.
        Niced down the CF intensive processes to hopefully avoid
        honking the filer unexpectedly.
       =20
        TED00019467 - CW-install : Without a password in the URL
        TED00019490 - Users should not get the "You have successfully
        TED00019491 - Reword second paragraph of the install script
        TED00019489 - cw_install.sh failed to upgrade filer
        TED00019493 - No check done if user downloads cheetah version
        TED00019541 - cw_install.sh script from sub#23 fails to reboot
       =20
        Reviewed by

Affected files ...

... //depot/FB-DELOREAN/nfx-tree/Tools/cw_install.in#2 edit


On Wed, 13 Jun 2007 14:11:32 -0700 Andrew Sharp <andy.sharp@onstor.com>
wrote:

> Change 24270 by andys@ripper on 2007/06/13 13:30:10 *pending*
>=20
>         Obfuscate ftp password.
>         Tidy up default FTP URL.
>         Clean up some wording.
>         Tested both FTP and HTTP URLs.
>         Niced down the CF intensive processes to hopefully avoid
>         honking the filer unexpectedly.
>        =20
>         TED00019467 - CW-install : Without a password in the URL
>         TED00019490 - Users should not get the "You have successfully
>         TED00019491 - Reword second paragraph of the install script
>        =20
>         Reviewed by
>=20
> Affected files ...
>=20
> ... //depot/FB-DELOREAN/nfx-tree/Tools/cw_install.in#2 edit
>=20
