[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r1151069 - /subversion/trunk/subversion/libsvn_subr/gpg_agent.c

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Wed, 27 Jul 2011 00:24:38 +0300

Stefan Sperling wrote on Tue, Jul 26, 2011 at 22:26:14 +0200:
> On Tue, Jul 26, 2011 at 08:28:40PM +0300, Daniel Shahaf wrote:
> > Stefan Sperling wrote on Tue, Jul 26, 2011 at 15:33:34 +0200:
> > > The key difference between the plaintext password store and the
> > > gpg-agent store is that the user must already have a running gpg-agent.
> > > The plaintext password store is always used and is not guarded by
> > > any such precondition.
> > >
> >
> > The prompt function can check that the environment variable is defined.
> > (not connect; just getenv() != NULL)
> >
> > > I think that if someone is already running gpg-agent, they are probably
> > > storing their PGP passphrase in it, which IMO is a secret of much higher
> > > value than a Subversion password.
> > >
> >
> > _If_ the PGP passphrase is stored there too, then of course it's more
> > valuable. I'm not sure how likely that is, though --- ie, people who
> > use svn but not gpg, and people who use svn and instruct gpg not to use
> > the agent (does gpg use the agent by default?), wouldn't have any 'more
> > sensitive' secrets in the agent.
>
> Users can always hit "Cancel" in the gpg agent prompt to get out of it.
> They don't have to enter a password at all if they aren't comfortable
> doing so.

Fair enough.
Received on 2011-07-26 23:25:24 CEST

This is an archived mail posted to the Subversion Dev mailing list.