Re: Security flaw: subversion stores passwords by default

From: Karl Fogel <kfogel_at_red-bean.com>
Date: Thu, 20 Mar 2008 11:00:12 -0400

"Hari Kodungallur" <hkodungallur_at_gmail.com> writes:
> Currently svn provides both choices - it will store the password for
> you or you can choose to not store as well. But we could look at his
> argument as to keep the same two choices, but just make the default to
> not store the password. The config parameter can be changed by users
> if they wish to (to make store-passwords to 'yes' to make it store the
> password).

Sure. But we had this discussion years ago; we didn't just flip a coin
to choose the current way, we really hashed out the pros and cons.
(Hadmut may not have realized that, of course, since it was a long time
ago.)

Best,
-Karl

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-03-20 16:00:40 CET

This message: [ Message body ]
Next message: Karl Fogel: "Re: Security flaw: subversion stores passwords by default"
Previous message: Karl Fogel: "Re: Security flaw: subversion stores passwords by default"
In reply to: Hari Kodungallur: "Re: Security flaw: subversion stores passwords by default"
Next in thread: Les Mikesell: "Re: Security flaw: subversion stores passwords by default"
Reply: Les Mikesell: "Re: Security flaw: subversion stores passwords by default"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]