[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: svnserve passwd plaintext

From: <jason_at_subversus.org>
Date: 2006-07-15 14:15:32 CEST

This question has come up countless times (even very recently) on the list,
and if you had searched, you probably would have found it. The
counter-question in response is "why does it matter if the passwords are
stored in plain text?". If you have your OS properly configured with
respect to permissions on the svnserve passwords file, then there should be
no concern. If you can't trust your OS to enforce security on a file, you
probably shouldn't be using it.

-----Original Message-----
From: gmu 2k6 [mailto:gmu2006@gmail.com]
Sent: Saturday, July 15, 2006 6:07 AM
To: users@subversion.tigris.org
Subject: svnserve passwd plaintext

is there no way to use crypt(), md5(), hashXY(), bcrypt() for password
enrires in the passwd file when using svnserve? using mod_dav_svn or
tunneling svn via SSH is no option right now.
if there really is no way I might fall back to writing a passwd management
tool which works with base64 passwords but of course writes them debase64'ed
into passwd. this way at I would have to actievely take a peek at passwd to
see the passwords.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Jul 15 14:16:35 2006

This is an archived mail posted to the Subversion Users mailing list.