[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Obfuscate auth info

From: Ph. Marek <philipp.marek_at_bmlv.gv.at>
Date: 2006-10-19 10:30:39 CEST

On Thursday 19 October 2006 10:11, Branko Čibej wrote:
> AFAIK, since at least Windows 2000, the LanMAN hash is no longer stored
> in the registry by default. Guess why.
>
> It is *not true* that any password storage mechanism is insecure ...
> Mac's keychain, or Window's FS encryption certificate, can only be
> unlocked with the user's password -- that's done exactly once when the
> user logs in, the session keys are stored in secure memory (presumably)
> and go away when the user logs out.
Which is similar to the ssh-agent problem I mentioned.
Walk to the machine when the user has gone to fetch a coffee, and you're
in ...

I have to admit that it depends on the security you need, and what you want to
protect against. YMMV.

Regards,

Phil

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 19 10:31:09 2006

This is an archived mail posted to the Subversion Dev mailing list.