[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] default to --no-auth-cache

From: Karl Fogel <kfogel_at_newton.ch.collab.net>
Date: 2003-01-14 01:16:42 CET

Greg Stein <gstein@lyra.org> writes:
> That is, the default behavior is:
>
> * store user/pass
> * if using SSL, then just store the user
> * config files override the above behavior
> * cmdline switches override the above
>
> btw, note that the password info is always stored in a user-read-only
> directory and user-read-only file.

I thought our current default was fine too, until I read Ryan's
example about tarring up a working copy and handing it to someone
else. People do that all the time in CVS, and they'll assume they can
do it with Subversion too (no matter how many flashing signs we put in
the docs). The perms won't protect anything once it's in the tar
file.

The fact that our default is insecure in a not-uncommon CVS use case
is just too much to take. Heck, I'd post the BUGTRAQ warning myself :-).

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 14 02:02:41 2003

This is an archived mail posted to the Subversion Dev mailing list.