On Wed, Aug 5, 2009 at 12:58, Zoltan Megyesi<cherry@...> wrote:
> Thanks for the answer.
>> The password should be encrypted already in that location using the
>> Windows Crypto API (assuming you're using a sufficiently recent
>> release of Subversion/TSVN).
> That is unfortunately not enough. Many reasons, including: it is easier to break the weak or non-existent user passwords, laptops can be stolen, etc..
Weak/non-existent user passwords are a policy & human problem, not a
Subversion configuration concern.
Stolen laptops - again, a password for your repository should be the
least of your worries at that point. If this is a major concern, you
should be using full-disk encryption and/or not allow ANY sensitive
data to be stored on laptops.
> More importantly we want to control the safety of specific repositories our way.
Repository security is a server consideration, not client. If a user's
SVN password is compromised, they still need to gain access to your
repository (if they have to get connected to the VPN first, they can't
get to your repository) to do anything with it. And that doesn't
address the concerns of someone having access to the checked-out
contents - see above re: sensitive data on laptops, full-disk
In short, Subversion assumes that you can adequately secure your
system & user account without resorting to "reconfiguring" Subversion.
>> You should be more concerned with the
>> password storage on the server and over the wire; depending on how
>> your server is configured, they may be stored & transmitted in
>> plaintext there.
> I am concerned, but these are issues for a different topic.
> Currently I need to place the cache to a different location, but I could not set cache location in the client settings. I hoped there were some configuration options for this. They would be useful. (I could avoid modifying %appdata%)
You'll need to compile your own version of the Subversion libraries
and distribute your own SVN client(s) to your users. While
simultaneously prohibiting them from using the "vanilla" client.
You could also prevent people from caching passwords in the first
place by editing %APPDATA%\Subversion\config (the [auth] section), but
you can't stop them from reverting it back to caching.