
Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)

From: <rbb_at_rkbloom.net>
Date: 2003-01-16 17:18:55 CET

On 16 Jan 2003 cmpilato@collab.net wrote:

> <rbb@rkbloom.net> writes:
>
> > I still disagree that implementing #2 brings us to the same point as CVS.
> > CVS only caches passwords to your disk if you are using :pserver:, which
> > most sites just don't do unless they are offering anonymous CVS. (Yes,
> > there are some that do, but it is rare).
> >
> > What that means, is that by implementing #2, you have brought subversion
> > up to the very least that CVS does. This makes subversion useful for
> > public access, but leaves it unsuitable for use with private passwords.
> > Emulating a feature of CVS that most people consider to be a security
> > problem does not sound like the correct way to replace CVS.
>
> IANA-SecurityGuy, but. Can't ra_svn be SSH-tunneled? If so, then it
> would seem that that is a good mapping to CVS using :ext:SSH. And by
> using mod_dav + SSL and disabling auth caching altogether, isn't that
> an exact match of CVS's most secure model?

Yes, ra_svn over SSH is exactly what CVS does. ra_dav + SSL without
auth-caching is also perfectly secure. The only remaining problem (once
passwords are moved out of the wc) is that the default is insecure, and
the docs glance over the issue. The reason that svn-agent came up at all
is because people want both security and auth-caching, which requires
something like svn-agent.

Ryan

Received on Thu Jan 16 17:06:09 2003

This is an archived mail posted to the Subversion Dev mailing list.