[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Obfuscate auth info

From: Samay <getafix123_at_hotmail.com>
Date: 2006-10-19 10:39:47 CEST

-1 for change to "obfuscation auth info" for what its worth.

It is widely understood that security by obscurity does not work .. same
goes for suggestions about obfuscation .. thats getting into a very wrong
trap ...

If security folks at corporate do not accept clear text passwords, what
gives, they will accept obfuscated passwords! We do not want clear text
passwords, hence we use Kerberos for authentication for our subversion repos
.. no handling of passwords by Subversion .. all handled by OS itself .. be
it Windows or Linux! Likewise with people using SSPI (integratd auth)!

At least we at Subversion can say that users get what they see .. no
pretention of 'secure password storage' just because its not in clear
'clear text'!

I agree we must have a secure password handling, somethng similar to Gnome
keychain or Mac Keychain or Firefox (using master password feature) or
KeepasswordSafe etc ...



----- Original Message -----
From: "Alex Holst" <a@mongers.org>
To: <dev@subversion.tigris.org>
Sent: Thursday, October 19, 2006 7:57 AM
Subject: Re: [PATCH] Obfuscate auth info

> Quoting Max Bowsher (maxb1@ukf.net):
>> Alex Holst wrote:
>> > I beg of you: Please don't introduce this obfuscation to auth data in
>> > Subversion.
>> Question: If you feel so strongly about it, are you also campaigning for
>> the trivial obfuscation to be removed from CVS?
> No. First, my customers don't use CVS, so I don't really care. Secondly,
> I suspect it would be much harder to remove features introduced many
> years ago in a dated scm tool than it would be to prevent the
> introduction of questionable obfuscation features in a newer, modern scm
> tool.
> I also think a mistake made years ago shouldn't be made again.
> I claim that, regardless of what warning might appear in the password
> file, obfuscated auth data will result in many users/admins/managers
> thinking it takes a lot of effort to recover their password. Anyone who
> has ever dealt with users or managers knows I'm not kidding.
> Which is greater? The cost of educating users who post to the mailing
> list about clear text passwords or the very likely possibility that
> a user will shoot themselves in the foot because they didn't feel a need
> to investigate ssh keys, certs or kerberos auth?
> --
> I prefer the dark of the night, after midnight and before four-thirty,
> when it's more bare, more hollow. http://a.mongers.org
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: dev-help@subversion.tigris.org

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 19 10:40:09 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.