Re: svnserve password store in clear text

From: Eric Hanchrow <offby1_at_blarg.net>
Date: 2004-06-02 18:52:23 CEST

>>>>> "Greg" == Greg Hudson <ghudson@MIT.EDU> writes:

Greg> On Wed, 2004-06-02 at 04:25, Ng, Wey Han wrote:
>> I am wondering if the password be change to an encrypted form
>> in the future? I have check the project home page and there is
>> no mention to fix this in the plans.

    Greg> As with most people who make this request, you're starting
    Greg> from the (reasonable) misconception that the client
    Greg> transmits the password to the server. That's not how it
    Greg> works

Coincidentally I was wondering about this same thing yesterday. I've
since realized that the clear-text passwords are protected by the same
mechanism that protects your repository itself, namely, the file
system. If you're worried that that protection isn't sufficient for
your passwords, you shouldn't use it for your repository data, either
:-|

-- 
The one thing that unites all human beings, regardless of age,
gender, religion, economic status or ethnic background, is that
deep down inside, we all believe that we are above average
drivers.
         -- Dave Barry
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Jun 2 18:52:50 2004

This message: [ Message body ]
Next message: kfogel_at_collab.net: "Re: Subversion branch deltification policy is more space-hungry than CVS"
Previous message: Greg Hudson: "Re: PATCH: Perform multi-file operations in sorted order"
In reply to: Greg Hudson: "Re: svnserve password store in clear text"
Next in thread: kfogel_at_collab.net: "Re: svnserve password store in clear text"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]