bzr-svn not caching credentials

Jelmer Vernooij jelmer at vernstok.nl
Wed Jan 26 01:05:37 UTC 2011


On Tue, Jan 25, 2011 at 06:44:25PM -0500, John Szakmeister wrote:
> On Tue, Jan 25, 2011 at 2:19 PM, Jelmer Vernooij <jelmer at vernstok.nl> wrote:
> [snip]
> > It seems wrong for Bazaar to be writing to ~/.subversion. Also,
> > passwords are stored plain-text in ~/.subversion, which is a security
> > concern. As a Bazaar user I wouldn't want Bazaar to write my passwords
> > in plain text *anywhere* on disk automatically.
> Subversion supports both gnome-keyring and kwallet, and does prefer
> them to storing them plaintext.  I always thought it would be rather
> nice if bzr-svn would make use of those cached credentials in those
> locations.

> > Personally, I would prefer for Bazaar to support e.g. gnome-keyring to
> > handle caching of credentials.
> +1.  You can do it now, but you have to get the password in there
> yourself, which isn't very easy. :-(  Maybe bzr-gtk makes that easier?
Caching credentials would require some more work in Bazaar core, as
bzr-gtk doesn't have enough information to do caching. It just gets
called when *something* needs a password and then returns the password
that the user or gnome keyring returned. It doesn't get feedback about
whether the password was actually valid.

Cheers,

Jelmer



More information about the bazaar mailing list