RFC: Encrypting ~/.subversion/auth on Windows

From: Branko Čibej <brane_at_xbc.nu>
Date: 2004-11-12 22:53:29 CET

We all know that storing passwords in cleartext in ~/.subversion/auth is
not nice, but that a portable solution will take some doing. However,
there's an easiy way to protect that dir even from superusers on Windows
2000 and newer, when the user's config dir is on an NTFS volume: Simply
encrypt the directory when it's created. In order to do this in
newly-created config directories, all it takes is an additional system
call (well, taking care that it doesn't barf on older systems).

Would it make sense to do something like that? I think it would be a
huge improvement, at least on the PR front.

We could also recommend to users to encrypt existing auth directories,
it's a single command:

cipher /E /A "%APPDATA%/Subversion/auth"

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Nov 12 22:53:22 2004

This message: [ Message body ]
Next message: kfogel_at_collab.net: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Previous message: kfogel_at_collab.net: "Re: crash when doing svn st -u (assertion failed)"
Next in thread: kfogel_at_collab.net: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Reply: kfogel_at_collab.net: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Reply: Ben Reser: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Reply: Sigfred Håversen: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Reply: Marcus Rueckert: "Re: RFC: Encrypting ~/.subversion/auth on Windows"
Reply: Mark Phippard: "Re: RFC: Encrypting ~/.subversion/auth on Windows"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]