[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Repository Passwords are in clear text?

From: Mark Parker <mark_at_msdhub.com>
Date: 2005-11-16 00:15:33 CET

Scott Palmer wrote:
> Ultimately yes. I was only solving the issue of easily readable
> plaintext passwords. So, for example the administrator could look at
> the file without accidentally reading the private passwords of the users.
> Scott

That's what I'm saying... you didn't solve it. All you did was turn the
easily readable plaintext passwords into something longer and harder to
remember. If the administrator wanted to do something with your account,
all he needs do is comment out the line that says "the_password =
hash(the_password)" in the client and recompile. If the administrator
wouldn't do that because he's trustworthy, then why not leave
easily-readable passwords in the file?

A false sense of security is worse than no security.


To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 00:22:09 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.