
[PATCH] Update AHHH! entry in FAQ

From: Stefan Sperling <stsp_at_elego.de>
Date: Fri, 15 Aug 2008 02:25:11 +0200

Hi,

here's an update to the entry about plaintext password
caching in the FAQ:

[[[

* www/faq.html
  (plaintext-passwords): Explain features which will be added
    in 1.6. Also, remove a remark about trusting the OS to protect
    plaintext data. This won't convince people who are concerned about
    not saving passwords in plaintext. In their minds, plaintext
    password data in the filesystem usually *is* the weakest
    link in a chain of security measures.

]]]

OK?

Stefan

Index: www/faq.html
===================================================================
--- www/faq.html (revision 32474)
+++ www/faq.html (working copy)
@@ -3075,14 +3021,19 @@
 <p>On Mac OS X, svn 1.4 and later uses the system Keychain
 facility to encrypt/store your svn password.</p>
 
-<p>On UNIX/Linux, there are no standard system encryption facilities,
-so the password is stored in ~/.subversion/auth/. Notice, however,
+<p>Subversion 1.6 will address this issue for UNIX/Linux.
+Support for Gnome-Keyring and KDEwallet has been implemented,
+both of which facilitate storing passwords on disk encrypted.
+The client will fall back to caching your password in plaintext
+if neither of these programs are available, but it has also been
+changed to never cache a password in plaintext without asking first.</p>
+
+<p>With Subversion 1.5 and earlier, on UNIX/Linux, the password can
+only be stored in plaintext in ~/.subversion/auth/. Notice, however,
 that the directory which contains the cached passwords (usually
 ~/.subversion/auth/) has permissions of 700, meaning only you can read
 them.</p>
 
-<p>Trust your OS to protect data on disk.</p>
-
 <p>However, if you're really worried, you can permanently turn off
 password caching. With an svn 1.0 client, just set 'store-auth-creds
 = no' in your run-time config file. With an svn 1.1 client or later,
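
Review bot: In the added 1.6 paragraph, "Subversion 1.6 will address this issue for UNIX/Linux" has no antecedent for "this issue": the paragraph now sits directly after the Mac OS X Keychain text and before the paragraph that describes plaintext storage. Either put the 1.5-and-earlier paragraph first or name the issue explicitly (plaintext password storage on UNIX/Linux). In the same paragraph, "if neither of these programs are available" should read "is available", "storing passwords on disk encrypted" reads better as "storing passwords encrypted on disk", and the projects spell their names GNOME Keyring and KWallet. In the rewritten 1.5 paragraph, "~/.subversion/auth/" now appears twice within three lines, and with "Trust your OS" removed, "Notice, however," is followed directly by "However, if you're really worried", so one of the two could be reworded.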

Received on 2008-08-15 02:25:30 CEST

This is an archived mail posted to the Subversion Dev mailing list.
