[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Credentials held unencrypted in memory during runtime

From: Ron Wilson <ronw.mrmx_at_gmail.com>
Date: Wed, 13 Apr 2011 12:27:25 -0400

On Wed, Apr 13, 2011 at 1:41 AM, Andrew <agaspar_at_odecee.com.au> wrote:
 The organisation that I am currently working for has also found this
security issue, and
> being a financial organisation we are considering not allowing our developers to use
> tortoise SVN.

As an altarnative, the server can be setup to use time limited
passwords. This will render any cached credentials invalid after some
reasonable lngth of time, typically 5 minutes to 15 minutes.

You company's IT people should know how to do this.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-13 18:27:32 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.