Re: Moving away from plain-text passwords in the server-side passwd file

On Wed, May 21, 2008 at 12:10 AM, Jeff Robins <jeffrobinssae_at_gmail.com> wrote:
> My current situation is that I want to pitch this to my boss, but he
> won't take it with plain-text passwords on the server. The server runs
> IIS and the sys-admin isn't likely to spend much time setting this up
> if it's only for one small part of the company. The easiest way to run
> this would be in stand-alone svnserve mode, but with some type of
> hashed/encrypted passwords.

I would hope that a boss would be more convinced by "this uses the
industry-standard open source SASL library for authentication" than
"security is provided by some half-assed feature that people who know
more about version control than security coded up to help people who
don't feel like installing the library that already does the right
thing".

See http://svn.collab.net/repos/svn/trunk/notes/sasl.txt for more
information on using SASL with svnserve.

(And of course there are a variety of authentication options for
Apache with mod_dav_svn.)

--dave

-- 
David Glasser | glasser@davidglasser.net | http://www.davidglasser.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org