Re: [PATCH] default to --no-auth-cache

From: Branko Čibej <brane_at_xbc.nu>
Date: 2003-01-14 22:23:16 CET

rbb@rkbloom.net wrote:

>On Tue, 14 Jan 2003, [UTF-8] Branko Čibej wrote:
>
>
>
>>rbb@rkbloom.net wrote:
>>
>>
>>
>>>Just for completeness, the security concerns are just as valid. On a
>>>multi-user system, the password should not be stored on the disk by
>>>default, especially not in plain text.
>>>
>>>
>>>
>>It wouldn't be a problem if you have an encrypted filesystem, of course;
>>I wonder how hard it would be to encrypt the password?
>>
>>Oh, and BTW, regarding cert authentication with SSL -- the certs (or
>>rather, the private keys) have to be password-protected, too, otherwise
>>anyone can use them. Same problem, one level deeper.
>>
>>
>
>Yep, which basically means that we will need something like ssh-agent to
>_really_ solve this problem.
>
>

Well, then why don't we go for that immediately? Drop all this
auth-cache vs. no-auth-cache thing, and write svn-agent daemon. Then we
truly don't have to keep anything on disk. Of course, it does make
client configuration a bit harder, but hey.

-- 
Brane Čibej   <brane_at_xbc.nu>   http://www.xbc.nu/brane/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Tue Jan 14 22:24:10 2003

This message: [ Message body ]
Next message: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
Previous message: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
In reply to: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
Next in thread: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
Reply: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
Reply: Peter Davis: "Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]