
Re: [PATCH] Obfuscate auth info

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: 2006-10-18 16:39:10 CEST

Alex Holst wrote:
> Quoting Malcolm Rowe (malcolm-svn-dev@farside.org.uk):
>> Obfuscating passwords solves two problems:
>> 1. It prevents accidental disclosure (e.g. 'grep -r pony ~', if your
>> password is 'i-want-a-pony', your non-malicious sysadmin reading
>> it by mistake, that kind of thing).
>> 2. It stops people complaining that "HEY SUBVERSION IS STORING MY PASSWORD IN
>> THE CLEAR!!1".
>
> Please don't do this. While such a change may stop users complaining,
> it won't stop subversion from storing the password (effectively) in the
> clear.
>
> None of this will stop attackers. And, while the change may indeed stop
> users from complaining, you'll simply end up with security professionals,
> like me, complaining that subversion "tricks" users into not
> investigating alternatives to plain text passwords.

Did you miss the part of the patch which writes the following to each
auth storage file?

   WARNING! This file contains a version of your password that has been
   slightly scrambled to avoid accidental disclosure.

   The scrambled password is NOT ENCRYPTED in any way, and so you should
   take the same care of it as you would your regular password.

-- 
C. Michael Pilato <cmpilato@collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on Wed Oct 18 16:39:27 2006

This is an archived mail posted to the Subversion Dev mailing list.