[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn caches password in local directory

From: Max Bowsher <maxb_at_ukf.net>
Date: 2005-06-10 14:35:08 CEST

Mark Parker wrote:
> Ben Collins-Sussman wrote:
>>
>> A win32 svn 1.2 client stores the password cache encrypted using the
>> windows crypto API (basically using the user's system password). You
>> don't need to do anything to make it happen, it just happens. You
>> might want to destroy existing caches (rm %APPDATA%\Subversion\auth
>> \svn.simple\*) so that new encrypted ones are saved.
>>
>> See the 1.2 releasenotes:
>>
>> http://subversion.tigris.org/svn_1.2_releasenotes.html
>
> Also note that the password files won't *look* encrypted to the user
> that owns them (because the OS is decrypting them for you). If you
> select the option "Show encrypted or compressed NTFS files in color",
> they'll show up as green.

Looking at the code, I'm pretty sure that the above is false.

The password data is encrypted using Windows API functions. NTFS encryption
not involved.

Max.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jun 10 14:37:10 2005

This is an archived mail posted to the Subversion Users mailing list.