Mailinglist Archive: opensuse-buildservice (206 mails)

< Previous Next >
Re: [opensuse-buildservice] osc and security
  • From: Peter Poeml <poeml@xxxxxxx>
  • Date: Tue, 3 Mar 2009 23:06:48 +0100
  • Message-id: <20090303220648.GZ10390@xxxxxxx>
Hi,

I just noticed that Subversion 1.6 (a release candidate is out there)
will have some new features related to handling of credentials used
authentication. These are:

* Prompting before storing passwords in plaintext form
Subversion prompts before storing passwords in plaintext form.

* Support for storing passwords in KWallet and GNOME Keyring (Unix-like
systems)
Passwords can be stored in KWallet (KDE 4) and GNOME Keyring.

* Support for storing SSL client certificate passphrases
SSL client certificate passphrases can be stored in KWallet, GNOME
Keyring, Mac OS Keychain, a Windows CryptoAPI encrypted form or in
plaintext form.


Some discussion that I found when I searched via Google was this:
http://svn.haxx.se/dev/archive-2008-04/0832.shtml
http://svn.haxx.se/dev/archive-2008-04/0803.shtml
http://svn.haxx.se/dev/archive-2008-04/0815.shtml
So no really new findings, but the rationale about not storing passwords
by default I found quite interesting:
``But anyone saving their passwords on disk even though the admin
told them not to will not be able to blame Subversion for doing
so behind their backs. They will have to take responsibility
themselves. They can't point at us saying "they saved my password,
I didn't do it".''
This is something that the OBS could do with relatively little effort.

Peter
--
Contact: admin@xxxxxxxxxxxx (a.k.a. ftpadmin@xxxxxxxx)
#opensuse-mirrors on freenode.net
Info: http://en.opensuse.org/Mirror_Infrastructure

SUSE LINUX Products GmbH
Research & Development
< Previous Next >
This Thread
  • No further messages