[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Credentials Caching - Security Guy Not Happy

From: Travis P <svn_at_castle.fastmail.fm>
Date: 2004-08-26 00:47:29 CEST

kfogel@collab.net wrote:
> Travis P <svn@castle.fastmail.fm> writes:
>> It can lead to something entirely sensible like ssh-agent or AFS
>> tokens.
>> The key is then cached in memory only (locked, non-pageable memory if
>> the OS allows for that).
> Yes -- we've talked about doing that, it's just that it's a
> non-trivial project.
> ...
> No one disagrees, it's just a question of priorities.

I'm glad to hear that it's been discussed. Tradeoffs are inevitable and
priorities must be set. I definitely understand.

Such a project might be non-trivial, but I think it might be a nicely
partitioned project for anyone motivated and with the time to attempt
it. Unlike some other projects (exclusive locks come immediately to
mind, or an SQL backend even more so), it's not so enmeshed with the
project that it would need significant core developer attention.


To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 00:48:01 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.