Removal of shout_get_password()
Currently libshout allows the retrieval of the user password via shout_get_password()
. To me it seems like this is a very strange usecase. Specifically with a security relevant information like the user's password. Therefore I suggest to deprecate this function and remove it with the next ABI change.
Notes:
- Removal of the function will clean up the code slightly.
- The information is still within the process' memory. This does not improve security against attacks. The main intention of this ticket is to hint developers into not using bad patterns.