Re: cleartext passwords

From: Karl Fogel <kfogel_at_newton.ch.collab.net>
Date: 2002-11-10 23:52:08 CET

Nuutti Kotivuori <naked@iki.fi> writes:
> I don't see a reason why we couldn't base64 the password if wanted,
> but I'd like to see a case where one could stuble on it by mistake
> first.

We did something similar in CVS (for the pserver access method).
FWIW, I think it wasn't worth it. It may obscure the password from a
few accidental exposures, but it also gets in people's way when they
needed to see the cleartext that they knew was there, and of course it
provides no real added security.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Nov 11 00:25:48 2002

This message: [ Message body ]
Next message: Philip Martin: "Re: Allocating from a pool in cleanup, WAS: RE: svn commit: rev 3709 - in trunk/subversion: libsvn_wc libsvn_client"
Previous message: Karl Fogel: "Re: svnlook diff fails on binary files:"
In reply to: Nuutti Kotivuori: "Re: cleartext passwords"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]