[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Password stored in cleartext?

From: Reedick, Andrew <jr9445_at_ATT.COM>
Date: Wed, 16 Apr 2008 09:20:18 -0500

The topic has come up before:
http://svn.haxx.se/users/archive-2006-08/0952.shtml

 

Yes, home areas should be secured.

 

If you're using shared accounts, you can set the config file to

                store-auth-creds = no

to prevent people from inadvertently saving their svn login/password to
a shared OS account.

 

 

"Working repositories" is a really bad term. Workspaces or working
areas or sandboxes are created by 'svn co'. Repositories are the code
databases on the server.

 

 

From: Adrian Marsh [mailto:Adrian.Marsh_at_ubiquisys.com]
Sent: Wednesday, April 16, 2008 7:19 AM
To: users_at_subversion.tigris.org
Subject: Password stored in cleartext?

 

Hi,

 

Is there any reason why in SVN (linux client), the password/credentials
are stored in cleartext under ~/.subversion/auth/svn.simple ?

Is there an assumption that home areas are secured, and that working
repositories aren't shared ?

 

Adrian

 

*****

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. GA625
Received on 2008-04-16 16:21:26 CEST

This is an archived mail posted to the Subversion Users mailing list.