Daniel Danger Bentley wrote:
>
>>> The Subversion client needs to provide the plain text password to the
>>> Apache server during authentication. Suggest a way for this to be
>>> accomplished without storing the plain text password on the client's
>>> disk.
>> In the high security area where I am currently maintaining a protected
>> SVN repository, the users are required to reenter the password any time.
>>
>> Even beyond that requirement, there's another problem:
>>
>> Some files need to be checked out from SVN with root permissions, but
>> with user/password of the person who is root at that very moment. While
>> several people share access to the root accounts, nobody should be able
>> to check in changes under the name of a different person (or be able to
>> read the password from the file system).
>>
>
> I don't know much about subversion (just joined), but this caught my eye:
> Why are multiple people sharing an account? If you don't trust your users,
> then why do you trust them to share an account?
People with root permissions aren't users, they are machine
administrators and you have to balance the ability to keep things
running against the number of people who have complete access. Aside
from the issue of sharing user accounts or working directories being a
bad idea, there will always be some number of machine administrators
that can read any file, and copies of the files are likely to end up in
backups that some other set of people can access. You should, of
course, trust people you put in these positions, but that doesn't mean
you should hand them plain-text copies of passwords that are very likely
to be used for other purposes as well. Most other programs recognize
this and make at least some effort to obscure the passwords so a casual
glance at the file won't expose them. I'd look at it like locking a
door with a glass panel. It is still worth doing even if you know it
won't stop a determined thief.
--
Les Mikesell
lesmikesell_at_gmail.com
Received on 2008-03-21 18:29:44 CET
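A defender's check for the problem the thread circles around (plain-text passwords cached on the client's disk), added here as an example and not code from the thread or from the Subversion project: it parses the per-realm files a Subversion client writes under ~/.subversion/auth/svn.simple/ and reports the entries whose password is stored in the clear. It assumes those files use Subversion's hash-dump layout (K <len> / key / V <len> / value, terminated by END) and that a passtype of "simple" together with a "password" key means plain text; the sample entries are constructed, not real credentials.

```python
import sys
from pathlib import Path

def parse_svn_hash(data: bytes) -> dict:
    """Parse one svn hash-dump file: repeated 'K <n>\\n<key>\\nV <n>\\n<value>\\n', then 'END'."""
    entries, pos = {}, 0
    while True:
        nl = data.index(b"\n", pos)
        header, pos = data[pos:nl], nl + 1
        if header == b"END":
            return entries
        if not header.startswith(b"K "):
            raise ValueError(f"expected K record at offset {nl - len(header)}")
        klen = int(header[2:])
        key, pos = data[pos:pos + klen].decode(), pos + klen + 1
        nl = data.index(b"\n", pos)
        header, pos = data[pos:nl], nl + 1
        if not header.startswith(b"V "):
            raise ValueError(f"expected V record for key {key!r}")
        vlen = int(header[2:])
        entries[key], pos = data[pos:pos + vlen].decode(), pos + vlen + 1

def plaintext_entries(files: dict) -> list:
    """Return (name, realm, username) for cache entries whose password is stored as plain text."""
    hits = []
    for name, entry in files.items():
        # Assumed convention: passtype "simple" plus a "password" key means the clear text is on disk;
        # keyring/agent-backed entries carry a different passtype and no "password" key.
        if entry.get("passtype") == "simple" and "password" in entry:
            hits.append((name, entry.get("svn:realmstring", "?"), entry.get("username", "?")))
    return hits

def scan_auth_dir(auth_dir: Path) -> list:
    """Parse every file in an svn.simple cache directory and report the plain-text entries."""
    files = {p.name: parse_svn_hash(p.read_bytes()) for p in auth_dir.iterdir() if p.is_file()}
    return plaintext_entries(files)

# Constructed sample entries (not real credentials) in the assumed hash-dump layout.
SAMPLE_PLAIN = (b"K 8\npasstype\nV 6\nsimple\nK 8\npassword\nV 7\nhunter2\n"
                b"K 15\nsvn:realmstring\nV 37\n<https://svn.example.org:443> Example\n"
                b"K 8\nusername\nV 5\nalice\nEND\n")
SAMPLE_KEYRING = (b"K 8\npasstype\nV 13\ngnome-keyring\n"
                  b"K 15\nsvn:realmstring\nV 37\n<https://svn.example.org:443> Example\n"
                  b"K 8\nusername\nV 3\nbob\nEND\n")

if __name__ == "__main__":
    if len(sys.argv) > 1:  # e.g. ~/.subversion/auth/svn.simple
        for name, realm, user in scan_auth_dir(Path(sys.argv[1])):
            print(f"{name}: plain-text password for {user} at {realm}")
    else:
        print(plaintext_entries({"plain": parse_svn_hash(SAMPLE_PLAIN),
                                 "keyring": parse_svn_hash(SAMPLE_KEYRING)}))
```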