Re: Credentials held unencrypted in memory during runtime

On Apr 12, 2011, at 2:33 PM, Ron Wilson wrote:

> On Tue, Apr 12, 2011 at 3:12 PM, David Huang <khym_at_azeotrope.org> wrote:
>> How is this supposed to work for the next session? I have these entries encrypted
>> with a session key which no longer exists. How do I decrypt them now?
>
> I think you are confusing a session with an operation. A session could
> consist of several to many operations and will last until all entries
> in the cache have expired. As such, a session could last your entire
> work day.

So the next day, I would have to type in my credentials again? Sure, I suppose that could be considered more secure, but there's always the tradeoff between security and usability.

However, I thought Stefan Küng's question was what could be done differently to make things more secure, given the current requirement that telling TSVN to save your password means it's saved indefinitely (i.e., until you manually tell it to clear the saved passwords). Recall that this discussion started because someone thought it was a security hole that you could use a debugger to get a cleartext password out of TortoiseProc, and that Stefan said that it'd be easier to just get them from the place where SVN remembers its passwords. Then you said that this meant that SVN's password saving wasn't implemented correctly. From what I can see, it's implemented the best it can be, given the requirements. If you want to change the requirements to say that SVN can only cache credentials for a limited time, then of course, things would have to be implemented differently.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2719207

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-12 22:30:08 CEST