Re: [PATCH] default to --no-auth-cache

<rbb@rkbloom.net> writes:
> That I would be willing to do, yes.

Wonderful!

And, I think there's a way we can have both security and convenience.
How about this:

  - By default, we never cache auth data.

  - Whenever we prompt for a [user and] password, we also prompt
    asking whether to should remember the auth data for next time.
    Something like this:

      $ svn ci -m "log message"
      username: rbb
      password: ********
      Remember user and password for future contact with this repository?
       (Warning: the stored information will be visible to the
       system administrator, if they choose to look for it): n
      $

(Answering `y' would have cached the data in ~/.subversion/foo/, in a
some sort of table whose rows are repos UUID/username/password.)

This gives us the convenience factor -- "I don't want to do something
special to have my auth data cached, I just want it to work!" -- but
without compromising on the security side -- "Subversion shouldn't
store sensitive data without me telling it to!".

We can later add config options and flags along the lines of
`--always-store-auth-data', `--never-prompt-about-storing-auth-data',
and so on. Consider these optimizations to the core proposal; and not
with those actual names, of course.

What do you think?

-K

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 14 22:03:28 2003