bzr-svn not caching credentials
Gordon Tyler
gordon at doxxx.net
Tue Jan 25 19:57:45 UTC 2011
On Tue, January 25, 2011 2:19 pm, Jelmer Vernooij wrote:
> On Tue, 2011-01-25 at 14:03 -0500, Gordon Tyler wrote:
>> If bzr-can read the saved auth info, why can't it update it as well?
> It seems wrong for Bazaar to be writing to ~/.subversion. Also,
> passwords are stored plain-text in ~/.subversion, which is a security
> concern. As a Bazaar user I wouldn't want Bazaar to write my passwords
> in plain text *anywhere* on disk automatically.
Passwords are not stored in plain-text on Windows. The only file in my
Subversion auth cache dir contains an encrypted form of my password.
According to
http://help.collab.net/index.jsp?topic=/faq/cachepassword.html, it uses
Windows encryption facilities. It can also use the Mac OS X Keychain
facility. On Linux/Unix, you can configure in your subversion config which
password store to use, e.g. gnome-keyring or kwallet. This seems to be a
svn 1.6 feature.
See
http://blogs.open.collab.net/svn/2009/07/subversion-16-security-improvements.html
for more info.
Basically, as far as I'm concerned, bzr-svn should be behaving like a
normal svn client in this regard.
> Personally, I would prefer for Bazaar to support e.g. gnome-keyring to
> handle caching of credentials.
I don't think Windows has anything like that, does it?
Ciao,
Gordon
More information about the bazaar
mailing list