[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Repository Passwords are in clear text?

From: Gavin Lambert <gavinl_at_compacsort.com>
Date: 2005-11-16 23:11:25 CET

Quoth Ryan Schmidt <mailto:subversion-2005@ryandesign.com>:
> Just to set the record straight about Apache: .htpasswd files do not
> use base64 encoding. They use md5 hashing by default on Windows,
> Netware and TPF, and crypt encryption on all other operating systems,
> or you can also use sha hashing. None of these are reversible.

Interesting. The last time I recall modifying an .htpasswd file
directly it *was* using base64. That was several years ago, though.

Well, there's a need for Apache to use non-reversible encoding for
passwords, because .htpasswd files tend to be in directories visible by
many people (especially in a shared hosting environment). That doesn't
hold for svnserve's configuration files.

The reason why I suggested base64 in particular is that if a reversible
algorithm is used then the changes can be made solely on the server
side, without needing to alter clients in any way (which makes life
simpler). And since (as I understand it) SVN already has a secure
challenge-response algorithm in place, this won't compromise security.
If you use something irreversible then every client will have to be
modified to use the obfuscated version as the root secret (or SVN's
challenge code will have to be changed), which is a much more serious

And since we've already established that you can't do anything to stop
an untrustworthy admin from doing evil, then IMHO an irreversible
algorithm provides no advantage over a reversible one.

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 23:13:24 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.