Stefan Sperling wrote on Mon, 9 Jun 2008 at 21:26 +0200:
> On Mon, Jun 09, 2008 at 10:32:33AM -0700, Jack Repenning wrote:
> > > ------- Additional comments from danielsh_at_tigris.org Mon Jun 9 01:05:37 -0700 2008 -------
> > > In non-interactive mode, it defaults to saving it (for
> > > compatibility)
>
> That's wrong. See the comments in these code snippets from
> subversion/libsvn_subr/simple_providers.c (on trunk).
> They document the current behaviour.
>
Oops, sorry. Thanks for correcting me. (I already posted earlier a
correction on the issue (#desc7) when I realised my mistake.)
> As explained above, if the tool uses --non-interactive, the password
> should not be stored in plaintext with svn from current trunk.
>
> So I guess Daniel is right -- this could be used to somewhat steer around
> the fact that SecKeychainSetUserInteractionAllowed(FALSE); renders Keychain
> unable to give us the cached password for some bizarre reason.
> (For those who don't know what I'm talking about, see
> http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=133862
> which details the reason behind Jack's problem).
>
> But isn't there a catch? To authenticate during --non-interactive without
> having access to a cached password from Keychain, you need to pass
> --password on the command line. Which probably means that your password
> is saved in your shell's history instead of the svn auth area, right?
> No idea which is the lesser evil :/
>
There is also the option to use kwallet or gnome-keyring. (If they are
they available on OS X?)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-06-09 22:17:02 CEST