Re: Question on svn authentication

From: Andy Levy <andy.levy_at_gmail.com>
Date: Fri, 10 Oct 2008 12:28:25 -0400

On Thu, Oct 9, 2008 at 14:35, <jianbing.chen_at_tektronix.com> wrote:
> Hi,
>
> We have an Apache + OpenLDAP setup (Subversion 1.5.2) for authentication
> and are on Linux. The issue is that by default, the passwd is saved in
> cleartext in the auth file under home dir. Turning off the option for saving
> passwd seems to be too inconvenient (compared to CVS) to most developers
> since then they will be prompted for passwd for most of the commands.
>
> Do you guys consider this an issue? Is there any plan to at least encrypt
> it?
>
> Thanks for any feedback. We are trying to make it work ASAP.

IIRC, the position is that it's the job of the host OS & filesystem to
keep your credentials safe - file permissions, etc. IOW, make
~/.subversion only readable by the owner.

On Windows, there's a built-in crypto API that is called by SVN to
encrypt that data, and as of (I think) 1.4 SVN uses the user's
Keychain on OS X. I don't think there's a comparable feature that's
ubiquitously available on *NIX, so it's left to the host OS &
filesystem permissions to keep things safe.

Received on 2008-10-10 18:28:53 CEST
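
The owner-only permissions recommended in the reply above can be audited and enforced on the credential cache. The Python below is an added example, not part of the original mail or of Subversion itself; it assumes cached credentials live in files under `~/.subversion/auth` in Subversion's `K <len>` / `V <len>` / `END` layout with `password` and `passtype` keys, and the function names and sample entry are constructed for illustration.

```python
import os

# Constructed sample of one cached credential file (not real data).
SAMPLE_ENTRY = (b"K 8\npasstype\nV 6\nsimple\nK 8\npassword\nV 10\nnot-a-real\n"
                b"K 15\nsvn:realmstring\nV 38\n<https://svn.example.invalid:443> Demo\n"
                b"K 8\nusername\nV 5\nalice\nEND\n")

def parse_svn_hash(data):
    """Parse the 'K <len>/key/V <len>/value ... END' layout of an auth cache file."""
    out, pos = {}, 0
    def read_item(tag):
        nonlocal pos
        eol = data.index(b"\n", pos)           # ValueError if the file is truncated
        header = data[pos:eol].split()
        if len(header) != 2 or header[0] != tag:
            raise ValueError("malformed auth cache entry")
        start, end = eol + 1, eol + 1 + int(header[1])
        pos = end + 1                           # skip the newline after the payload
        return data[start:end].decode("utf-8", "replace")
    while not data.startswith(b"END", pos):
        key = read_item(b"K")
        out[key] = read_item(b"V")
    return out

def audit_auth_cache(auth_dir):
    """Report each cached credential without echoing the password.
    Assumption: a missing 'passtype' key means the password is stored as-is."""
    findings = []
    for root, _dirs, files in os.walk(auth_dir):
        for name in files:
            path = os.path.join(root, name)
            try:
                mode = os.stat(path).st_mode
                with open(path, "rb") as fh:
                    entry = parse_svn_hash(fh.read())
            except (OSError, ValueError):
                continue                        # not a readable cache entry
            findings.append({
                "path": path, "realm": entry.get("svn:realmstring", ""),
                "plaintext": "password" in entry and entry.get("passtype", "simple") == "simple",
                "exposed": bool(mode & 0o077),  # any group/other permission bit set
            })
    return findings

def harden(auth_dir):
    """Owner-only permissions: 0700 on directories, 0600 on files."""
    for root, _dirs, files in os.walk(auth_dir):
        os.chmod(root, 0o700)
        for name in files:
            os.chmod(os.path.join(root, name), 0o600)
```

Run `audit_auth_cache(os.path.expanduser("~/.subversion/auth"))` to list realms whose passwords are cached in cleartext or whose files are readable beyond the owner, then `harden()` on the same path to apply the restriction.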

This is an archived mail posted to the Subversion Users mailing list.