Re: Question on svn authentication

From: Ryan Schmidt <subversion-2008c_at_ryandesign.com>
Date: Fri, 10 Oct 2008 14:12:42 -0500

On Oct 10, 2008, at 11:28, Andy Levy wrote:

> On Thu, Oct 9, 2008 at 14:35, wrote:
>
>> We have a apache + open LDAP setup (subversion 1.5.2) for
>> authentication
>> and are on linux. The issue is that by default, the passwd is
>> saved in
>> cleartext in the auth file under home dir. Turning off the option
>> for saving
>> passwd seems to be too inconvenient (comparing to cvs) to most
>> developers
>> since then they will be prompted for passwd for most of the commands.
>>
>> Do you guys consider this an issue? Is there any plan to at least
>> encrypt
>> it?
>
> IIRC, the position is that it's the job of the host OS & filesystem to
> keep your credentials safe - file permissions, etc. IOW, make
> ~/.subversion only readable by the owner.

Right, see the FAQ:

http://subversion.tigris.org/faq.html#plaintext-passwords

Solutions for Mac OS X and Windows are already in place, and it says
a solution for Unix is in the works for Subversion 1.6.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-10-10 21:13:03 CEST

This message: [ Message body ]
Next message: William Garrison: "Re: Bad link in FAQ - can someone please edit it?"
Previous message: Ryan Schmidt: "Re: TSVN error question"
In reply to: Andy Levy: "Re: Question on svn authentication"
Next in thread: David Weintraub: "Re: Question on svn authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]