Hi,
here's an update to the entry about plaintext password
caching in the FAQ:
[[[
* www/faq.html
(plaintext-passwords): Explain features which will be added
in 1.6. Also, remove a remark about trusting the OS to protect
plaintext data. This won't convince people who are concerned about
not saving passwords in plaintext. In their minds, plaintext
password data in the filesystem usually *is* the weakest
link in a chain of security measures.
]]]
OK?
Stefan
Index: www/faq.html
===================================================================
--- www/faq.html (revision 32474)
+++ www/faq.html (working copy)
@@ -3075,14 +3021,19 @@
<p>On Mac OS X, svn 1.4 and later uses the system Keychain
facility to encrypt/store your svn password.</p>
-<p>On UNIX/Linux, there are no standard system encryption facilities,
-so the password is stored in ~/.subversion/auth/. Notice, however,
+<p>Subversion 1.6 will address this issue for UNIX/Linux.
+Support for Gnome-Keyring and KDEwallet has been implemented,
+both of which facilitate storing passwords on disk encrypted.
+The client will fall back to caching your password in plaintext
+if neither of these programs are available, but it has also been
+changed to never cache a password in plaintext without asking first.</p>
+
+<p>With Subversion 1.5 and earlier, on UNIX/Linux, the password can
+only be stored in plaintext in ~/.subversion/auth/. Notice, however,
that the directory which contains the cached passwords (usually
~/.subversion/auth/) has permissions of 700, meaning only you can read
them.</p>
-<p>Trust your OS to protect data on disk.</p>
-
<p>However, if you're really worried, you can permanently turn off
password caching. With an svn 1.0 client, just set 'store-auth-creds
= no' in your run-time config file. With an svn 1.1 client or later,
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-08-15 02:25:30 CEST