[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Question on svn authentication

From: Ryan Schmidt <subversion-2008c_at_ryandesign.com>
Date: Fri, 10 Oct 2008 14:12:42 -0500

On Oct 10, 2008, at 11:28, Andy Levy wrote:

> On Thu, Oct 9, 2008 at 14:35, wrote:
>
>> We have a apache + open LDAP setup (subversion 1.5.2) for
>> authentication
>> and are on linux. The issue is that by default, the passwd is
>> saved in
>> cleartext in the auth file under home dir. Turning off the option
>> for saving
>> passwd seems to be too inconvenient (comparing to cvs) to most
>> developers
>> since then they will be prompted for passwd for most of the commands.
>>
>> Do you guys consider this an issue? Is there any plan to at least
>> encrypt
>> it?
>
> IIRC, the position is that it's the job of the host OS & filesystem to
> keep your credentials safe - file permissions, etc. IOW, make
> ~/.subversion only readable by the owner.

Right, see the FAQ:

http://subversion.tigris.org/faq.html#plaintext-passwords

Solutions for Mac OS X and Windows are already in place, and it says
a solution for Unix is in the works for Subversion 1.6.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-10-10 21:13:03 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.