subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache subversion Wiki <comm...@subversion.apache.org>
Subject [Subversion Wiki] Update of "EncryptedPasswordStorage" by CMichaelPilato
Date Mon, 16 Jan 2012 20:11:49 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change notification.

The "EncryptedPasswordStorage" page has been changed by CMichaelPilato:
http://wiki.apache.org/subversion/EncryptedPasswordStorage?action=diff&rev1=10&rev2=11

Comment:
Another open question about the master password concept.

  {{{#!wiki note
  Is there any system extant which is secure when another user might have root access on the
machine?  Surely with keystroke loggers and other sorts of software which a root user could
install, true security on any such a system is flatly unavailable.  So, what is the real impact
of the GPG Agent "SECURITY CONSIDERATIONS" listed above?  How might gpg-agent's default timeout
mitigate that impact?  And finally, could the gpg-agent be used for the storage of not Subversion
passwords, but of merely the "master password" which is used to encrypt/decrypt disk-cached
credentials?
  }}}
+ {{{#!wiki note
+ Even with the existing keyring integrations, we still make use of the runtime configuration
area's auth/ subdirectory.  Most of the credential information for every realm is stored on
disk, with either a "password" record (and plaintext password) or a "passtype" record that
tells Subversion where to look for the password ("gnome-keyring", "gpg-agent", etc.)  Would
we better served (in simplicity and consistency) by using the externals stores for nothing
but a master password and always store the encrypted form on disk?
+ }}}
  

Mime
View raw message