[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: RFC: Encrypting ~/.subversion/auth on Windows

From: Mark Phippard <MarkP_at_softlanding.com>
Date: 2004-11-13 02:13:04 CET

Branko ╚ibej <brane@xbc.nu> wrote on 11/12/2004 04:53:29 PM:

> We all know that storing passwords in cleartext in ~/.subversion/auth is

> not nice, but that a portable solution will take some doing. However,
> there's an easiy way to protect that dir even from superusers on Windows

> 2000 and newer, when the user's config dir is on an NTFS volume: Simply
> encrypt the directory when it's created. In order to do this in
> newly-created config directories, all it takes is an additional system
> call (well, taking care that it doesn't barf on older systems).
>
> Would it make sense to do something like that? I think it would be a
> huge improvement, at least on the PR front.
>
> We could also recommend to users to encrypt existing auth directories,
> it's a single command:
>
> cipher /E /A "%APPDATA%/Subversion/auth"
>

If you are going to do something that is specific for Windows, why not do
what TortoiseSVN does? They are using an API that exists in Win2K and
higher to encrypt the password. I am pretty sure this is not the same
thing you are talking about because I believe the password is encrypted
even if you look at the file. Also, whatever they are doing is not
compatible with the command line. For Windows user's this would provide
good encryption, and also solve the problem sussman posed.

As for just casually obfuscating the password, I originally thought this
would be a good idea but having read the counter arguments that have been
posed over the last several months, I now think it would be a bad idea.
Mainly, because I think it creates a false sense of security. It is
better to make it clear to users that the password is not protected so
that they can take their own precaustions to secure it.

Mark

_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Nov 13 02:13:24 2004

This is an archived mail posted to the Subversion Dev mailing list.