Re: How to create a new repository

On Aug 23, 2009, at 12:08, Nico Kadel-Garcia wrote:

> On Sat, Aug 22, 2009 at 3:22 PM, Sam Carleton wrote:
>
>> I need to setup a whole new repository:
>>
>> https://<domain>/repos/<something new>
>>
>> What are the commands to do that?
>
> The command is "don't". The handling of HTTP or HTTPS passwords by
> storing them as clear-text in $HOME/.subversion/auth/ is such an
> amazingly poor design decision that such access should only be used
> for repository browsing of anonymous repositories, and write access
> via HTTPS should be replaced with svn+ssh wherever feasible.

I see you have some strong feelings against https and for svn+ssh.
Four days ago, Andrey Repin posted his strong feelings against svn
+ssh and for https:

http://svn.haxx.se/users/archive-2009-08/0453.shtml

There are advantages and disadvantages to each of the available ways
to serve a repository, so let's assume that Sam has already evaluated
them and decided that he wants to use https.

For the record, Subversion does not store clear-text passwords in
$HOME/.subversion/auth anymore if possible. As of Subversion 1.2, on
Windows 2000 or greater, stored passwords are encrypted [1]. As of
Subversion 1.4, on Mac OS X, passwords are stored in the Keychain
[2]. And as of Subversion 1.6, on UNIX-like systems, KWallet and
GNOME Keyring can be used, and if all of these methods are not enough
and a password still cannot be stored in a secure way, then a big
warning is now printed [3].

[1] http://subversion.tigris.org/svn_1.2_releasenotes.html#win32-
password-encryption

[2] http://subversion.tigris.org/svn_1.4_releasenotes.html#keychain

[3] http://subversion.tigris.org/svn_1.6_releasenotes.html#auth-
related-improvements

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2386567

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-23 22:04:05 CEST