Background:
Our security guy just got wind of the fact that credentials are cached
in clear text on disk, he is not too happy, and has told me that we
need to turn this on:
    [auth]
    store-auth-creds = no
I have the feeling this will make the system unusable: as I understand
it, every user would have to authenticate every time they performed a
svn command that accessed the server.
Since I went through the process of setting up our system so that our
system uses Active Directory to authenticate, this means that our
Active Directory passwords are cached in what is essentially clear
text. I explained to him that the permissions are set so that only the
person whose account is logged in is allowed to see the files, but this
is not sufficient for the paranoid security guy because it still means
that someone could read the disk if they have physical access to the
machine and a low level disk utility or root access. Since it is our
Active Directory password in clear text, someone could get access to
other servers in the company!
Request:
That in a new version, in the not too distant future, the auth
directory be encrypted by svn. I mean, it is really cool that we have all
these SSL capabilities in svn and this would be the last chink in the
armor.
Question:
What can I do in the meantime to appease the security guy and still
retain the convenience that the auth-cache provides? I was thinking of
perhaps putting the auth cache in an encrypted directory somehow, how
hard is this to do?
I have about a week to come up with a solution to this or I will be
typing a lot of passwords and will have a lot of unhappy users.
- Paul
PS I am sure our security guy does not mind being called paranoid.
Received on Wed Aug 25 22:40:48 2004
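
An audit script for the clear-text cache described in the message above, added here as an example and not part of the original post or of Subversion itself: it parses the K/V hash files kept in the auth directory's svn.simple subdirectory and reports which entries hold a password as-is, without printing the password. The svn.simple layout, the passtype key written by later Subversion releases, and every sample value below are assumptions or constructed data.

```python
import os
import tempfile

def parse_svn_hash(data):
    """Parse a Subversion hash file: 'K <len>' / 'V <len>' record pairs, then 'END'."""
    entries, pos = {}, 0
    while not data.startswith(b"END", pos):
        pair = []
        for tag in (b"K", b"V"):
            eol = data.index(b"\n", pos)
            kind, length = data[pos:eol].split()
            end = eol + 1 + int(length)
            # Reject wrong record type, negative length, or a length that overruns.
            if kind != tag or end <= eol or data[end:end + 1] != b"\n":
                raise ValueError(f"malformed {tag!r} record at offset {pos}")
            pair.append(data[eol + 1:end])
            pos = end + 1
        entries[pair[0].decode()] = pair[1]
    return entries

def find_plaintext_creds(auth_dir):
    """Return (file, username, realm) per clear-text password; assumes a missing
    'passtype' key means the old clear-text layout."""
    simple_dir, findings = os.path.join(auth_dir, "svn.simple"), []
    for name in sorted(os.listdir(simple_dir)) if os.path.isdir(simple_dir) else []:
        try:
            with open(os.path.join(simple_dir, name), "rb") as fh:
                entry = parse_svn_hash(fh.read())
        except (OSError, ValueError):
            continue  # unreadable, or not a hash file
        if "password" in entry and entry.get("passtype", b"simple") == b"simple":
            findings.append((name, entry.get("username", b"?").decode(errors="replace"),
                             entry.get("svn:realmstring", b"?").decode(errors="replace")))
    return findings

def encode_svn_hash(entries):  # used only to build the constructed samples
    return b"".join(b"K %d\n%s\nV %d\n%s\n" % (len(k), k, len(v), v)
                    for k, v in entries.items()) + b"END\n"

def demo():
    """Scan a temporary cache holding two constructed entries (not real credentials)."""
    base = {b"username": b"paul", b"svn:realmstring": b"<https://svn.example.com:443> Repo"}
    samples = {"clear": {**base, b"password": b"hunter2"},
               "dpapi": {**base, b"passtype": b"wincrypt", b"password": b"Q09OU1RSVUNURUQ="}}
    with tempfile.TemporaryDirectory() as auth_dir:
        os.makedirs(os.path.join(auth_dir, "svn.simple"))
        for name, entry in samples.items():
            with open(os.path.join(auth_dir, "svn.simple", name), "wb") as fh:
                fh.write(encode_svn_hash(entry))
        return find_plaintext_creds(auth_dir)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

To audit a real cache, call find_plaintext_creds() with the path of the user's auth directory instead of running demo().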