Bug#415755: subversion: Follow up on Bug #415755
Peter Samuelson
peter at p12n.org
Wed Nov 7 01:34:29 UTC 2007
[Valentin v. Seggern]
> Subversion doesn't only store Passwords by default cleartext in the
> users home directory. The Files in ~/.subversion/auth/svn.simple/*
> are also _world_ readable.
Sorry for taking so long to follow up.
I've just confirmed from reading source code (back to svn 1.0.0, the
oldest I have here) that it always creates the ~/.subversion/auth
directory with permission mode 700, which means only you and the
sysadmin can read it.
--
Peter Samuelson | org-tld!p12n!peter | http://p12n.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-subversion-maintainers/attachments/20071106/ee3929bf/attachment.pgp
More information about the pkg-subversion-maintainers
mailing list