Re: --non-interactive and keyrings

From: Daniel Shahaf <danielsh_at_elego.de>
Date: Fri, 3 Feb 2012 21:59:46 +0200

Philip Martin wrote on Fri, Feb 03, 2012 at 17:43:53 +0000:
> Philip Martin <philip.martin_at_wandisco.com> writes:
>
> > The KDE behaviour is a potential information leak. A random app can use
> > the Subversion libraries to query a repo; if it can monitor whether
> > such a query causes the KDE prompt to appear then it can determine
> > whether or not the password for the repo is in the wallet. Since GNOME
> > always prompts no such leak is possible.
>
> Thinking about this a bit further, it's not really a leak at all.

Agreed. We're left still with the original problem --- that kwallet
prompts for unlock even if it doesn't contain the password, but gkeyring
prompts for unlock regardless of whether it contains the password?

> The information that is leaking is whether or not 'kwallet' is stored
> in the .subversion/auth directory for a given repository. But any
> application that is capable of triggering the leak would also be
> capable of simply reading the .subversion/auth files.
>
> --
> uberSVN: Apache Subversion Made Easy
> http://www.uberSVN.com
Received on 2012-02-03 21:00:30 CET

This is an archived mail posted to the Subversion Dev mailing list.
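
Added example, not part of the original thread and not Subversion's own code: the closing point of the thread, that the 'kwallet' marker sits in the .subversion/auth files where any process running as the user can read it, shown as a small audit script that parses the cache files' K/V/END format and reports the stored passtype per realm. The function names and the sample entry are constructed for illustration; the cache is assumed to be in the usual ~/.subversion/auth/svn.simple directory.

```python
import io
from pathlib import Path

# Constructed sample of one auth cache file (not taken from the thread).
SAMPLE = (b"K 8\npasstype\nV 7\nkwallet\n"
          b"K 15\nsvn:realmstring\nV 37\n<https://svn.example.org:443> Example\n"
          b"K 8\nusername\nV 5\nalice\nEND\n")

def _read_counted(stream, length):
    """Read exactly `length` bytes followed by the terminating newline."""
    value = stream.read(length)
    if len(value) != length or stream.read(1) != b"\n":
        raise ValueError("truncated or malformed entry")
    return value

def parse_svn_hash(data: bytes) -> dict:
    """Parse the serialized hash: 'K <len>', key, 'V <len>', value, ..., 'END'."""
    stream = io.BytesIO(data)
    entries = {}
    while True:
        header = stream.readline().rstrip(b"\n")
        if header == b"END":
            return entries
        if not header.startswith(b"K "):
            raise ValueError(f"expected 'K <len>' or 'END', got {header!r}")
        key = _read_counted(stream, int(header[2:]))
        header = stream.readline().rstrip(b"\n")
        if not header.startswith(b"V "):
            raise ValueError(f"expected 'V <len>', got {header!r}")
        entries[key.decode()] = _read_counted(stream, int(header[2:])).decode()

def passtype_by_realm(auth_dir) -> dict:
    """Map each cached realm to the credential store named in its passtype."""
    result = {}
    for path in sorted(Path(auth_dir).iterdir()):
        if path.is_file():
            entry = parse_svn_hash(path.read_bytes())
            realm = entry.get("svn:realmstring", path.name)
            result[realm] = entry.get("passtype", "(none)")
    return result

if __name__ == "__main__":
    # Assumed default location of the per-user cache for username/password auth.
    cache = Path.home() / ".subversion" / "auth" / "svn.simple"
    if cache.is_dir():
        for realm, passtype in passtype_by_realm(cache).items():
            print(f"{passtype:15} {realm}")
```

Because no wallet or keyring has to be unlocked to read this, restricting who can read the auth directory is the only control over the information.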