Branko Čibej <brane@xbc.nu> writes:
> We all know that storing passwords in cleartext in ~/.subversion/auth
> is not nice, but that a portable solution will take some
> doing. However, there's an easiy way to protect that dir even from
> superusers on Windows 2000 and newer, when the user's config dir is on
> an NTFS volume: Simply encrypt the directory when it's created. In
> order to do this in newly-created config directories, all it takes is
> an additional system call (well, taking care that it doesn't barf on
> older systems).
>
> Would it make sense to do something like that? I think it would be a
> huge improvement, at least on the PR front.
>
> We could also recommend to users to encrypt existing auth directories,
> it's a single command:
>
> cipher /E /A "%APPDATA%/Subversion/auth"
+1
Is this encryption based on the user's password or something?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Nov 12 23:10:20 2004