[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Configuration recommendations in a heterogenous Linux environment?

From: Les Mikesell <lesmikesell_at_gmail.com>
Date: 2006-07-04 18:00:12 CEST

On Tue, 2006-07-04 at 02:19, Nico Kadel-Garcia wrote:
> >
> > but: if you don't trust your OS (after you configured it correctly and
> > securely), the OP is right, you should not be using it...
>
> Erik, I was talking about the server side. It's a ghods-awful approach to
> keep software passwords floating around in plain text, for any system. The
> server administrator *should not* in general know user's passwords.

Can't you use any of the many mod_auth_xxx methods with apache
(LDAP, pam, etc.), many of which use encrypted and/or remote
passwords? The usual issue with http is that basic authentication
is passed in the clear, but with https the whole stream is
encrypted.

-- 
  Les Mikesell
   lesmikesell@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jul 4 17:59:29 2006

This is an archived mail posted to the Subversion Users mailing list.