[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Finding cached passwords

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2005-06-07 17:27:47 CEST

On Jun 7, 2005, at 4:40 AM, CÚlio Cidral Junior wrote:

> Hello!
>
> How can I find my cached password in my local machine? I took a look
> at C:\Documents and Settings\<user>\Application Data\Subversion\ and
> found some files in .\auth\svn.simple but I found no plain password in
> those files. Since svn 1.2.0 encrypts cached passwords, I want to
> known if there is the need to upgrade to this new version in the case
> of a security issue due to plain passwords being cached in the local
> machine.
>

For Subversion 1.0.x and 1.1.x, \auth\svn.simple\ contains plaintext
password caches. You can read about it here:

http://svnbook.red-bean.com/en/1.1/ch06s02.html#svn-ch-6-sect-2.2

If you upgrade to a 1.2 client on windows2000 or later, then the
cached passwords will be crypted using windows cryptography services.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jun 7 17:36:24 2005

This is an archived mail posted to the Subversion Users mailing list.