Re: Security flaw: subversion stores passwords by default

From: Greg Thomas <thomasgd_at_omc.bt.co.uk>
Date: Thu, 20 Mar 2008 09:59:55 +0000

On Wed, 19 Mar 2008 23:07:48 -0700, "Hari Kodungallur"
<hkodungallur_at_gmail.com> wrote:

>Currently svn provides both choices - it will store the password for you or
>you can choose to not store as well. But we could look at his argument as to
>keep the same two choices, but just make the default to not store the
>password. The config parameter can be changed by users if they wish to (to
>make store-passwords to 'yes' to make it store the password).

I wonder if this sort of setting could be part of the repo-wide client
configuration discussed at
http://subversion.tigris.org/issues/show_bug.cgi?id=1974 ("server-side
config which 'broadcasts' to clients")

Greg

-- 
This post represents the views of the author and does
not necessarily accurately represent the views of BT.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org

Received on 2008-03-20 11:00:30 CET

This message: [ Message body ]
Next message: Beau: "MAC OSX Client."
Previous message: Greg Thomas: "Re: Security flaw: subversion stores passwords by default"
In reply to: Hari Kodungallur: "Re: Security flaw: subversion stores passwords by default"
Next in thread: Karl Fogel: "Re: Security flaw: subversion stores passwords by default"
Reply: Karl Fogel: "Re: Security flaw: subversion stores passwords by default"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]