[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Feature Request: clients shouldn't store auth-creds

From: Branko Čibej <brane_at_xbc.nu>
Date: 2005-01-06 02:12:38 CET

John Peacock wrote:

> Tobias Ringström wrote:
>> The issue is whether Subversion should cache passwords by default or
>> not. I still feel that it should not for the reasons I stated earlier
>> in this thread, but I'm also beginning to realize, much to my
>> surprise, that I'm pretty alone with that opinion.
> FWIW, I agree with you that passwords should not be cached unless
> someone makes a positive choice to do so. However, that _is_ a change
> in behavior, both from the way that Subversion has acted until now, as
> well as how cvs pserver client works (if you count `cvs login`).
> How about a patch that does several things:
> 1) sets the default to cache=no
> 2) permits the following config settings:
> cache_passwords = no
> cache_passwords = yes
> cache_passwords = ask

I don't understand the usefulness of the last option.

> 3) permits some form of cached password expiration control, e.g. by
> timestamp (ask only once per hour) or something equally clever (ask
> every 42 commits?).

The only useful (yes, and I do mean useful, not feasible) way to
implement this is by havingan agent that stores passwords in memory,
like ssh-agent. Then "cache_passwords=ask" could become
"cache_passwords=agent", and could be the default.

This would be a useful thing to have, although IIRC some people object
to this on the grounds of it being too complex.

-- Brane

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jan 6 02:13:49 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.