[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Credentials held unencrypted in memory during runtime

From: David Huang <khym_at_azeotrope.org>
Date: Tue, 12 Apr 2011 15:29:50 -0500

On Apr 12, 2011, at 2:33 PM, Ron Wilson wrote:

> On Tue, Apr 12, 2011 at 3:12 PM, David Huang <khym_at_azeotrope.org> wrote:
>> How is this supposed to work for the next session? I have these entries encrypted
>> with a session key which no longer exists. How do I decrypt them now?
> I think you are confusing a session with an operation. A session could
> consist of several to many operations and will last until all entries
> in the cache have expired. As such, a session could last your entire
> work day.

So the next day, I would have to type in my credentials again? Sure, I suppose that could be considered more secure, but there's always the tradeoff between security and usability.

However, I thought Stefan Küng's question was what could be done differently to make things more secure, given the current requirement that telling TSVN to save your password means it's saved indefinitely (i.e., until you manually tell it to clear the saved passwords). Recall that this discussion started because someone thought it was a security hole that you could use a debugger to get a cleartext password out of TortoiseProc, and that Stefan said that it'd be easier to just get them from the place where SVN remembers its passwords. Then you said that this meant that SVN's password saving wasn't implemented correctly. From what I can see, it's implemented the best it can be, given the requirements. If you want to change the requirements to say that SVN can only cache credentials for a limited time, then of course, things would have to be implemented differently.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-12 22:30:08 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.