Hello Malcolm and SVN devs
Malcolm Rowe wrote:
> Hello list,
>
> Background for people not at the summit: We discussed the
> regularly-reported problem today about the Subversion client storing
> plaintext auth info on Unix, and the response that elicits from users.
>
> We all agreed that scrambling the password wouldn't add any security at
> all, but we also had a vague consensus that as long as we made sure that
> users didn't think the passwords _were_ encrypted, obfuscating them in
> some way might not be objectionable, since not doing so aggravates some
> people.
>
I agree that a secure Linux box should effectively guard any plain-text
passwords stored in the .subversion folder from being read in the wild, and
if someone could read them, then you have bigger problems than simply having
your password stored as plain text.
But having said that, it's still an issue for me, and it doesn't go far enough
if passwords are simply base64-encoded. Better, but not nearly as good
as if they were encrypted.
One problem that comes to mind is the backing up of the home directory for
all users. Anyone with access to the tapes now has a list of passwords with
access to the subversion servers, and worse if that password is used against
an LDAP server for authentication.
I know that you have to trust the people you work with and that there should
be proper security over the backup tapes, but no system is perfect, and
encrypted passwords would do much to minimize problems like this.
filipe
ps: Having said that... if you all still disagree, I'd still rather have
your patch go through for whatever that's worth ;)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Oct 18 14:39:31 2006
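As an added example (not code from this thread and not Subversion project code), the script below does the check the backup concern above calls for: it walks a client's ~/.subversion/auth/svn.simple cache and reports which realms keep a password in the clear versus delegating it to a keyring, so an administrator can find such entries before a home-directory backup captures them. It assumes Subversion's line-oriented K/V hash file format (records of "K <len>", key, "V <len>", value, terminated by "END") and that a record whose passtype is "simple" stores the password in the "password" key; the sample cache records, hostnames, user name and password are constructed for the demonstration.

```python
"""Audit a Subversion simple-auth cache for passwords stored in the clear.

Added example, not Subversion project code.  Assumptions (not taken from the
thread): cache files live in ~/.subversion/auth/svn.simple/ and use the
line-oriented hash format (records of "K <len>", key, "V <len>", value, ended
by "END"); a record whose passtype is "simple" keeps the password in plaintext
under the "password" key, while keyring-backed passtypes omit that key.
"""
from pathlib import Path

PLAINTEXT_PASSTYPES = {"simple"}  # assumption: only this passtype stores the secret on disk


def _read_line(data: bytes, pos: int):
    """Return the next newline-terminated line (without the newline) and the new offset."""
    nl = data.find(b"\n", pos)
    if nl < 0:
        raise ValueError(f"unterminated line at offset {pos}")
    return data[pos:nl], nl + 1


def _read_sized(data: bytes, pos: int, header: bytes, tag: bytes):
    """Read a length-prefixed chunk announced by a 'K <n>' or 'V <n>' header line."""
    if not header.startswith(tag + b" "):
        raise ValueError(f"expected '{tag.decode()} <len>' header, got {header!r}")
    try:
        size = int(header[2:])
    except ValueError:
        raise ValueError(f"bad length in header {header!r}") from None
    chunk = data[pos:pos + size]
    # The declared length must match and be followed by exactly one newline;
    # a truncated or hand-edited file fails here instead of yielding garbage.
    if len(chunk) != size or data[pos + size:pos + size + 1] != b"\n":
        raise ValueError(f"length mismatch for {header!r} at offset {pos}")
    return chunk, pos + size + 1


def parse_svn_hash(data: bytes) -> dict:
    """Parse one K/V hash file into a dict of str -> str."""
    entries = {}
    pos = 0
    while True:
        header, pos = _read_line(data, pos)
        if header == b"END":
            return entries
        key, pos = _read_sized(data, pos, header, b"K")
        vheader, pos = _read_line(data, pos)
        value, pos = _read_sized(data, pos, vheader, b"V")
        entries[key.decode("utf-8")] = value.decode("utf-8")


def classify_entry(entries: dict) -> dict:
    """Summarise one cached realm: who it is for and whether the secret sits on disk."""
    passtype = entries.get("passtype", "simple")  # assumption: no passtype means plaintext
    return {
        "realm": entries.get("svn:realmstring", "<unknown>"),
        "username": entries.get("username", "<unknown>"),
        "passtype": passtype,
        "plaintext_password": passtype in PLAINTEXT_PASSTYPES and "password" in entries,
    }


def audit_blobs(blobs: dict) -> list:
    """Classify a mapping of file name -> file bytes; unparsable files become error findings."""
    findings = []
    for name, data in sorted(blobs.items()):
        try:
            finding = classify_entry(parse_svn_hash(data))
        except ValueError as exc:
            finding = {"error": str(exc)}
        finding["file"] = name
        findings.append(finding)
    return findings


def plaintext_files(findings: list) -> list:
    """Names of cache files that would hand a backup reader a usable password."""
    return [f["file"] for f in findings if f.get("plaintext_password")]


def audit_cache_dir(auth_dir=None) -> list:
    """Audit a real cache directory (defaults to the current user's)."""
    auth_dir = Path(auth_dir or Path.home() / ".subversion" / "auth" / "svn.simple")
    if not auth_dir.is_dir():
        return []
    return audit_blobs({p.name: p.read_bytes() for p in auth_dir.iterdir() if p.is_file()})


# Constructed sample cache files; the realms, user name and password are invented.
SAMPLE_PLAINTEXT = (
    b"K 8\npasstype\nV 6\nsimple\n"
    b"K 8\npassword\nV 9\nhunter2!!\n"
    b"K 15\nsvn:realmstring\nV 34\n<https://svn.example.org:443> Repo\n"
    b"K 8\nusername\nV 6\nfilipe\nEND\n"
)
SAMPLE_KEYRING = (
    b"K 8\npasstype\nV 13\ngnome-keyring\n"
    b"K 15\nsvn:realmstring\nV 40\n<https://svn.example.org:443> Other repo\n"
    b"K 8\nusername\nV 6\nfilipe\nEND\n"
)
SAMPLE_TRUNCATED = b"K 8\npasstype\nV 6\nsimpl\n"  # declares 6 bytes, file cut short

if __name__ == "__main__":
    samples = {"a1": SAMPLE_PLAINTEXT, "b2": SAMPLE_KEYRING, "c3": SAMPLE_TRUNCATED}
    for finding in audit_blobs(samples):
        print(finding)
    print("plaintext on disk in your own cache:", plaintext_files(audit_cache_dir()))
```

The parser is deliberately strict about declared lengths: a cache file that a backup or sync tool truncated shows up as an error finding rather than as a silently misread record, and a keyring-backed entry is reported as safe only because it carries no "password" key at all, which is the property that matters when the tapes leave the building.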