Re: Credentials Caching - Security Guy Not Happy

From: David Good <dgood_at_fsautomation.com>
Date: 2004-08-26 19:26:17 CEST

On Wed, Aug 25, 2004 at 07:00:31PM -0700, Paul Ossenbruggen <paul.ossenbruggen@convoii.net> wrote:
>
> The last solution, being advocated by Security Guy, which requires the
> least amount of change, is to turn off the cache and make people type a
> lot of passwords. Does anyone have experience with this and how
> annoying it is? He is judging that we might have maybe 10 commands per
> developer per day where we have to enter our passwords, since it is
> only the commands talk to the server that need to authenticate. I would
> guess it is more like 20-50.
>

Yet another case of Security Guys making things *less* secure by blindly
enforcing security policies. I guarantee that if he goes through with
this *someone* will write a wrapper script for svn that will supply the
password on the commandline in plaintext.

Of course, I doubt there's anything you can do to change *that* :-)

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 19:27:06 2004

This message: [ Message body ]
Next message: Max Bowsher: "Re: branching and switch question"
Previous message: Ben Collins-Sussman: "Re: Merging vendor drop with new subdirectory"
In reply to: Paul Ossenbruggen: "Re: Credentials Caching - Security Guy Not Happy"
Next in thread: Stefan: "Re: Credentials Caching - Security Guy Not Happy"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]