
Re: plaintext passwords - my 0.02c

From: Jeremy Whitlock <jcscoobyrs_at_gmail.com>
Date: 2006-07-19 07:21:03 CEST

Stuart,
    Just so you know, clear-text passwords are not the case for Windows and
will not be the case for Mac OS X as of the 1.4.0 release. Linux would
still be a problem but I don't think this is a reason not to use
Subversion. Also, you say that people don't care about this issue and
apparently they do because Windows already encrypts creds and Mac will in a
few weeks when 1.4.0 is released. Linux isn't getting the short end of the
stick either as support for them is being worked on.

    I really do not think that using old data to formulate a reason not to
use Subversion is not a good thing to do especially on the list. Every
point you brought up was invalid. I think there are bigger fish to fry at
whatever company you work for with managing the internet browser. Clear
text user credentials are stored in cookies all of the time and since
physical compromise is an issue to you, you might want to look at other
programs that store user credentials to complain about.

Take care,

Jeremy

On 7/18/06, Stuart Celarier <SCelarier@corillian.com> wrote:
>
> I'm with you, Paul. Subversion *is* a hard sell to folks with 'Security'
> in their job titles.
>
> The FAQ entry on plaintext passwords is probably the single biggest deal
> breaker for many serious security reviews. Read it.
>
> http://subversion.tigris.org/faq.html#plaintext-passwords
>
> I'm focusing solely on what the FAQ says, not whether it is correct or
> up to date. Here's a summary of what it says to a cynical, paranoid,
> risk-mitigation kind of guy whose job it is to say "No" -- you know the
> type.
>
> 1. Trust the OS to protect the data. Sure, until the OS is compromised,
> as if that never happens. These developers sound like rank amateurs on
> security matters.
>
> 2. If you don't want passwords stored in plaintext, you have the option
> of not storing passwords at all. Bad options lead to bad decisions:
> given the opportunity to choose the lesser of two evils, people often
> choose the path of least resistance regardless of the evil involved. Not
> good.
>
> 3. Aw, heck, all my friends are doing it, worse actually, so what's the
> problem? The fallacy here is no one said that CVS set the security
> standard for Subversion to match or best.
>
> 3a. And no one cares about this problem enough to do anything about it.
> If I do, I can send in a patch. It can't be easy if no one's done it
> yet. And I need a version control system now, not next quarter or next
> year.
>
> Four reasons to say no; no reasons to say yes. Case closed.
>
> I suggest that rewriting this FAQ item to be more security savvy could
> go a long way to reducing the perception -- true or not -- that
> Subversion developers don't take security seriously.
>
>
> Stuart Celarier | Corillian Corporation
>
Received on Wed Jul 19 07:22:22 2006

This is an archived mail posted to the Subversion Users mailing list.
