Hi...
Dimitri Papadopoulos-Orfanos <papadopo@shfj.cea.fr> wrote on 14.10.2005
11:50:21:
> > Any options to make the password-storage on the client more secure? I
> > would like to see this files not world-readable. Is this possible by
> > default?
>
> This is covered by the FAQ:
> http://subversion.tigris.org/faq.html#plaintext-passwords
>
> First of all, notice that the directory which contains the
> cached passwords (usually ~/.subversion/auth/ on Unix systems)
> has permissions of 700, meaning only you can read them. Trust
> your OS to protect data on disk.
>
> Can you confirm the passwords are actually world readable in youre case?
I can confirm this in my case... I have a linux machine serving the
users homeaccounts
with samba to windows clients running cygwin with svn compiled for cygwin.
In my case this folder is *always* generated world readable, because a
chmod on cygwin
is not completly transparent over samba to the linux fs. :-(
I would also like to see the passwords scrambled by default. At present
I have a cronjob
running hourly to protect the .subversion folders of each user.
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Oct 14 12:52:05 2005