On 10/18/06, Alex Holst <a@mongers.org> wrote:
> Please don't do this. While such a change may stop users complaining,
> it won't stop subversion from storing the password (effectively) in the
> clear.
>
> None of this will stop attackers. And, while the change may indeed stop
> users from complaining, you'll simply end up with security professionals,
> like me, complaining that subversion "tricks" users into not
> investigating alternatives to plain text passwords.
>
> To quote Thomas Ptacek (replace 'SAN' with 'svn'): "The lack of
> superficial (or worse, complicated) security mechanisms forces operators
> to confront the fact that SAN security requires network architecture
> support." -- http://www.matasano.com/log/203/radioactive/
>
> Users who complain about the risk of plain text passwords need to be
> educated and motivated to move to ssh keys, certificates or full disk
> encryption (or switch to an OS that provides a safe method of storing
> passwords).

For those not at the summit, my opinion is much the same as Alex's.
However, I am willing to be -0 against this patch if the warning is
present. I still think it's a bad idea, but I realize that I was the
only one in the room who didn't like it.

-- justin
Received on Wed Oct 18 18:41:41 2006