On Dec 11, 2004, at 1:17 PM, Rainer Pröbster wrote:
>
> I find it unnecessarily problematic that in the not uncommon case that
> you don't want or can't use an Apache server (your first use case) and
> you don't or can't use ssh (your third use case) you have to write your
> passwords plain into a text file (your second use case) in Subversion.
> Nowadays nearly every "normal" (Linux) program which is critical for the
> system (like every server is) stores its passwords in an encrypted file,
> mostly in a simple Linux password file.
> I really _hate_ editing clear text password files, as everyone who just
> passes behind me can read them!! It's just unprofessional!
> If one could use "normal" Linux password files with the svnserve server
> program (which I prefer much over the Apache plugin btw.) there would
> also be big advantages like reusing existing files or admin programs.
>
Hey Ben Reser -- do you believe me now? Rainer is repeating what I've
heard over and over: that despite making a file chmod 700, users still
complain about the fact that "everyone who passes" by the screen can
read them. This is why I continue to advocate even *trivial* ciphering
like rot13. I'm tired of hearing this complaint.
Rainer: the problem is cryptographically tricky. If the server stores
hashed passwords (like those in htpasswd, or in /etc/passwd), then
cleartext passwords must pass over the network. If the server stores
cleartext passwords, then hashes may pass over the network. So which
do you prefer? Remember that you can make your password file readable
only by 1 person. So the tradeoff here is that if you just happen to
'cat' the contents of the password file, somebody can look at your
screen... but in return, the password never travels over the network in
the clear.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Dec 11 20:48:16 2004
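The tradeoff in the reply above, shown as an added example that is not part of the thread: a challenge/response login (modelled on the HMAC-based CRAM-MD5 scheme, assumed here since the mail names no mechanism) only works when the server holds the cleartext password, while a server that stores just a salted hash forces the password itself onto the wire. All credentials and the hash layout are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential, not taken from the thread.
PASSWORD = "correct horse"


# --- Model 1: the server keeps the cleartext password (svnserve-style passwd file).
# Login is challenge/response, so the password itself never crosses the network.

def server_challenge() -> str:
    """Fresh random nonce sent server -> client at the start of every login."""
    return secrets.token_hex(16)


def client_respond(password: str, challenge: str) -> str:
    """Client -> server: a keyed digest of the challenge. This is all a sniffer sees."""
    return hmac.new(password.encode(), challenge.encode(), hashlib.md5).hexdigest()


def server_verify(stored_cleartext: str, challenge: str, response: str) -> bool:
    """The server can recompute the digest only because it holds the cleartext."""
    expected = hmac.new(stored_cleartext.encode(), challenge.encode(), hashlib.md5).hexdigest()
    return hmac.compare_digest(expected, response)


# --- Model 2: the server keeps only a salted hash (htpasswd / /etc/shadow style).
# With no cleartext on the server, the client has to transmit the password itself.

def make_hash(password: str, salt: str = "") -> str:
    """Constructed 'salt$digest' format; a real system would use a slow KDF."""
    salt = salt or secrets.token_hex(8)
    digest = hashlib.sha256((salt + password).encode()).hexdigest()
    return f"{salt}${digest}"


def server_verify_cleartext(stored_hash: str, password_on_wire: str) -> bool:
    """Server hashes what the client sent and compares with the stored record."""
    salt, _digest = stored_hash.split("$", 1)
    return hmac.compare_digest(make_hash(password_on_wire, salt), stored_hash)


def wire_contents(model: int) -> str:
    """What a network observer captures during one login under each model."""
    if model == 1:
        return client_respond(PASSWORD, server_challenge())
    return PASSWORD
```

Under model 1 a captured response is useless against the next login because the challenge changes; under model 2 the captured value is the password itself.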