Not when I use Subversion over SSH. Of course for this to be useful it would require openSUSE to allow Suversion access via SSH. However, some would argue that this would also be an improvement. -Archie On Mon, Jan 26, 2009 at 12:07 PM, Luke Imhoff <luke@cray.com> wrote:
You do know that your password for subversion is stored as plaintext too under the ~/.subversion/auth/svn.simple/ directory, right? Subversion doesn't secure the password any better than osc.
On Mon, 2009-01-26 at 12:01 -0600, Archie Cobbs wrote:
This is yet another argument for using Subversion for the version control part of osc, instead of it's own homebrew (non-)equivalent.
I don't think it will ever happen because it's too much work though.
-Archie
On Mon, Jan 26, 2009 at 11:47 AM, Joop Boonen <joop_boonen@web.de> wrote:
I've checked out ~/.oscrc I saw that my password can be found in plain text.
As someone who would be able to read this file would be able to change packages that I have created. I'm rather worried about it. The package could easily be piggy backed with mall ware.
I'm wondering wouldn't it be possible to put an encrypted password? Or even better to work with ssh keys?
An other option would be that the password wouldn't be saved.
-- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
-- Archie L. Cobbs
-- Archie L. Cobbs -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org