[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: Setting location of auth cache - securing stored passwords

From: Ryan J Ollos <ryano_at_physiosonics.com>
Date: Thu, 24 Dec 2009 01:21:38 -0800 (PST)

Andy Levy wrote:
> You could also prevent people from caching passwords in the first
> place by editing %APPDATA%\Subversion\config (the [auth] section), but
> you can't stop them from reverting it back to caching.

As you suggest, I'm currently looking at ways to restrict the SVN/TSVN
configuration client side. It seems that one would need to enforce limited
OS account permissions on the client computer and remove permissions for
that user to change %APPDATA%\Subversion\config. However in that case, it
seems that a user could technically access the repository from another
computer unless access was restricted by IP (not a big concern for me
anyway, but strictly speaking it seems this would be a hole in the
enforcement of the policy).

Maybe there is a better way to enforce a policies about password caching?
(more extensive elaboration on what I would like to "ideally" implement:

View this message in context: http://old.nabble.com/Setting-location-of-auth-cache---securing-stored-passwords-tp24823690p26911774.html
Sent from the tortoisesvn - users mailing list archive at Nabble.com.
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2009-12-24 10:21:46 CET

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.