C. Michael Pilato wrote on Tue, Aug 10, 2010 at 14:24:30 -0400:
> The foremost bit of client configuration that CollabNet's Subversion
> customers are demanding (besides auto-props, which I think we all agree on)
> is a way for the server to set a policy which dictates that clients may not
> use plaintext or other insecure password storage mechanisms.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Such as post-it notes?
[[[
Index: subversion/mod_dav_svn/mod_dav_svn.c
===================================================================
--- subversion/mod_dav_svn/mod_dav_svn.c (revision 983930)
+++ subversion/mod_dav_svn/mod_dav_svn.c (working copy)
@@ -837,6 +837,12 @@
"enables server advertising of support for version 2 of "
"Subversion's HTTP protocol (default values is On)."),
+ /* per directory/location */
+ AP_INIT_FLAG("SVNBanPostItNotes", SVNBanPostItNotes_cmd, NULL,
+ ACCESS_CONF|RSRC_CONF,
+ "enable server refusing of checkouts to clients that use "
+ "post-it notes (this is a security risk)"),
+
{ NULL }
};
]]]
Received on 2010-08-11 01:51:40 CEST