Garrett Rooney wrote:
> On 7/3/06, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
>> Ulrich Eckhardt wrote:
>>
>>> - svnserve is dead easy to setup and offers some basic
>>> authentication.
>>
>> As much as I like Subversion, I consider svnserve one of its great
>> flaws. Svnserve does not allow storage of encrypted passwords, only
>> plaintext, and relies on plaintext transmission of those passwords.
>
> Uhh, that's pure bullshit, the transmission of the passwords is via
> CRAM-MD5, it is never sent over the wire as plaintext. Please
> investigate these things before you form an opinion. The storage of
> passwords is plainext, but their transmission is not.
>
> -garrett
By the way, thank you for the correction. I see it in the source code and in
the current version of the book at http://svnbook.red-bean.com. It's not
mentioned in the manpages, unfortunately, and only mentioned once in passing
in the book. That doesn't excuse me for missing it, though.
Was it mentioned in the printed O'Reilly manual?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jul 4 01:08:30 2006