Re: subversion reveals passwords

From: Stefan Sperling <stsp_at_elego.de>
Date: Sun, 6 Apr 2008 23:32:03 +0200

On Sun, Apr 06, 2008 at 04:55:36PM -0400, Karl Fogel wrote:
> "Erik Huelsmann" <ehuels_at_gmail.com> writes:
> > Well, there's a big chance of me being perceived as rude after my
> > next statement, but this has been discussed *many* times before.
> >
> > The choice to store passwords in plain text has been a very conscious
> > decision; it has also been replaced by more appropriate storage
> > mechanisms on platforms which support that (Keychain on OSX,
> > Crypto-API on Windows). Unfortunately, Linux doesn't feature a
> > *standardized* crypto-agent. We don't need people lecturing us what's
> > secure and what's not: we need people implementing secure storage
> > mechanisms or patches to Subversion to support these mechanisms.
>
> Basically agree with your sentiment, but:
>
> We could switch to a default of not storing plaintext passwords, if we
>
> 1) Had a run-time option ('--store-password' or something) that
> causes it to be stored permanently for that working copy, and
>
> 2) Had a config option to turn on password-storing as a default

+1

I'd rather post a patch than simply agree though.

I'm interested in changing this since I've been thinking that
Subversion should default to not storing the password in clear
text since I found out it does. Maybe I'll find time some day :)

I think we should default to not storing on platforms where we
don't have a better option than clear text, and default to storing
the password on those that do. This might confuse people who expect
Subversion to behave consistently across platforms, but other than
that it's the best of both worlds.

-- 
stefan
http://stsp.name                                         PGP Key: 0xF59D25F0

Received on 2008-04-06 23:30:52 CEST

This is an archived mail posted to the Subversion Dev mailing list.