[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Security flaw: subversion stores passwords by default

From: Vincent Lefevre <vincent+svn_at_vinc17.org>
Date: Fri, 21 Mar 2008 16:10:12 +0100

On 2008-03-20 01:02:35 +0100, Hadmut Danisch wrote:
> Just read that:
> " Trust your OS to protect data on disk."
> That's nonsense.

Yes, even though the OS can protect data on disk, there are great
applications (run by the user) that can read them and send them
to arbitrary remote servers:


AFAIK, this bug is still present in Firefox 2 (all versions).

Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-03-21 16:10:38 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.