[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Apache httpd 2.4 + Subversion 1.9.5 + LDAP combination does not work on CentOS 7.x

From: Stefan Sperling <stsp_at_elego.de>
Date: Wed, 19 Jul 2017 18:24:24 +0200

On Tue, Jul 18, 2017 at 08:58:26PM -0400, Nico Kadel-Garcia wrote:
> The other blocking factor, for me, was the default behavior of the
> Subversion client of storing the HTTP or HTTPS access passwords in
> cleartext. It's gotten better orver time, notifying users better of
> the risks, but the default behavior is still an issue.

Nico, you have been repeating this point over and over again
like a broken record. I expect every subscriber to this list
is already very much aware of your opinion on this matter ;-)

The prompt (which I added years ago) was an improvement, yes.
But I don't expect this default behaviour (prompt) to change, ever,
and I see no reason to keep discussing this point. It's many years
too late for that now.

The default behaviour can be adjusted globally by the system admin with
a small config file in /etc/subversion. OpenBSD has been installing such
a file for many years and there has never been any complaint.
http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel/subversion/files/servers?rev=1.1&content-type=text/x-cvsweb-markup
I recommend you do the same on systems you maintain, and move on.
Received on 2017-07-19 18:24:49 CEST

This is an archived mail posted to the Subversion Users mailing list.