[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: C# SVN Encrypted Authentication wrapper for Windows and svnserve.exe

From: Branko Čibej <brane_at_wandisco.com>
Date: Fri, 29 Aug 2014 15:31:18 +0200

On 29.08.2014 15:04, DARKGuy . wrote:
> Hey all :)
>
> I'm really proud to announce a small app I wrote located here ->
> https://github.com/darkguy2008/SVNEncryptedAuth <- that will hook into
> the svnserve.exe process and encrypt the passwords located in the
> "passwd" file, while making it use a temporary file with the plaintext
> passwords on access (deleted almost immediately for security).
>
> This is made so the passwords don't get stored in plaintext but with
> some sort of encryption. I don't know why this wasn't planned in the
> release of that app, since we all know plaintext passwords are BAD and
> SASL is a pain to set up under Windows (also, not portable since it
> requires registry keys) and since I don't want to go with the hassle
> of downloading the source code and compiling the whole thing,
> developing an IAT hook patch was easier to do.
>
> I hope you guys like the project and becomes useful for anyone here.
>
> Comments & suggestions welcome, thanks!
> - DARKGuy

Do we really have to go through the whole "security through obscurity"
discussion again?

-- Brane

-- 
Branko Čibej | Director of Subversion
WANdisco | Realising the impossibilities of Big Data
e. brane_at_wandisco.com
Received on 2014-08-29 15:31:52 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.