[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Call for assistance (Was: [Issue 3061] username + password + non-interactive caches creds wrong)

From: Daniel Shahaf <d.s_at_daniel.shahaf.co.il>
Date: Mon, 9 Jun 2008 23:16:42 +0300 (Jerusalem Daylight Time)

Stefan Sperling wrote on Mon, 9 Jun 2008 at 21:26 +0200:
> On Mon, Jun 09, 2008 at 10:32:33AM -0700, Jack Repenning wrote:
> > > ------- Additional comments from danielsh_at_tigris.org Mon Jun 9 01:05:37 -0700 2008 -------
> > > In non-interactive mode, it defaults to saving it (for
> > > compatibility)
> That's wrong. See the comments in these code snippets from
> subversion/libsvn_subr/simple_providers.c (on trunk).
> They document the current behaviour.

Oops, sorry. Thanks for correcting me. (I already posted earlier a
correction on the issue (#desc7) when I realised my mistake.)

> As explained above, if the tool uses --non-interactive, the password
> should not be stored in plaintext with svn from current trunk.
> So I guess Daniel is right -- this could be used to somewhat steer around
> the fact that SecKeychainSetUserInteractionAllowed(FALSE); renders Keychain
> unable to give us the cached password for some bizarre reason.
> (For those who don't know what I'm talking about, see
> http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=133862
> which details the reason behind Jack's problem).
> But isn't there a catch? To authenticate during --non-interactive without
> having access to a cached password from Keychain, you need to pass
> --password on the command line. Which probably means that your password
> is saved in your shell's history instead of the svn auth area, right?
> No idea which is the lesser evil :/

There is also the option to use kwallet or gnome-keyring. (If they are
they available on OS X?)

To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-06-09 22:17:02 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.