"Gerald Richter" <richter@ecos.de> writes:
> until now I have used svn only on the LAN and didn't used any authetication.
> Now I have made a repository available to the internet and secured it with
> passwords. This works fine, but when I done any operations now my password
> is stored for every subdirectory in cleartext in the filesystem. While this
> is ok for a secure machine, this is a big security whole when doing a
> checkout etc. on machine that is used by many people or is accessable via
> the net.
>
> I didn't find anyway to delete these passwords (ok I can do a find -name
> password -exec rm {} \; ), but this isn't very convenient. So my questions
> is, is there a way to not store passwords at all, so I get asked anytime I
> access the repository, or at least is there a way to logout and delete the
> password.
>
> I know svn is still pre-alpha, so I just want to know the state of this
> issue and if there are any plans/features I have overseen already
+1 on making this a run-time option.
We now have a number of little things we want in the
.subversion/config (or .subversion/options or registry or whatever).
I'll try to make that file exist today, and put this as an option in
it.
-Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Jun 22 17:11:14 2002