Re: How to test that I configured httpd+Subversion with Path Based Authorization in the right way?



On Jan 14, 6:20 pm, "Stachu 'Dozzie' K."
<doz...@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> On 14.01.2009, Nico Kadel-Garcia <nka...@xxxxxxxxx> wrote:
>
>> On Jan 14, 7:20 am, Andrea Francia
>> <afran...@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
>> wrote:
>>> The problem is about security settings of the Subversion repository
>>> served through the Apache web server.
>>
>> Do not use this technique, *EVER*, for accessing Subversion
>> repositories, except for anonymous access.
>>
>> The major problem is that the UNIX and Linux default command-line
>> client, 'svn', stores all passwords locally in cleartext. The extent to
>> which this is an incredibly bad idea is stunning. And as the
>> Subversion administrator, you have no way to prevent your users from
>> ever using the command line client.
>
> And this is much worse than storing, for example, e-mail passwords in
> MUAs or FTP passwords? And many, many other passwords saved here and
> there by various clients. And other VCS-es store their passwords
> encrypted some way? And, as I understand, you can't configure Subversion
> server to use HTTPS transport protocol with client certificates
> required by the server, which gives the same effect as SSH with keys,
> which you recommend that much.

FTP is amazingly strongly recommended against in any reasonably secure
environment, because the passwords are *transmitted* in the clear. The
fact that many MUAs store passwords in cleartext, such as fetchmail
and many poorly made MUAs, is no use for repeating the behavior for
the reference implementation of a source control system: it's not even
peer pressure, it's just a really bad example to follow. Many MUAs do
this correctly, by providing some local locking of the passwords.
There is no excuse, however, for deliberately providing a mechanism
that encourages this when another far more secure method is
available.

> The point with passwords is not that you should use asymmetric keys
> instead, but that you should enter your passwords on trusted computers.

These are not merely *entered* on trusted computers. They are *stored
in cleartext* on arbitrary environments, which is a much, much, much
bigger security problem. Even a computer secure against online
monitoring or keylogging may be insecure against network shares or
backups of home directories, and that is a whole separate class of
security problem.
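As an added example, not code from anyone in this thread: a check for the cleartext cache Nico is describing. The svn client stores cached credentials as small hash files under ~/.subversion/auth/svn.simple/, and an entry whose passtype is "simple" and which carries a "password" key holds that password in cleartext on disk. The script parses that file format and reports such entries by realm and username (never the password itself); the sample cache, realm and user names are constructed.

```python
"""Report svn credential-cache entries that hold a cleartext password.
The svn client caches credentials in ~/.subversion/auth/svn.simple/ as hash
files of "K <len>" / key / "V <len>" / value lines terminated by "END"; an
entry with passtype "simple" and a "password" key has the password on disk."""
from pathlib import Path

def parse_svn_hash_file(data: bytes) -> dict:
    record, pos, key = {}, 0, None
    while True:
        newline = data.index(b"\n", pos)
        header, pos = data[pos:newline], newline + 1
        if header == b"END":
            return record
        tag, length = header.split(b" ")
        value, pos = data[pos:pos + int(length)], pos + int(length) + 1
        if tag == b"K":
            key = value.decode()
        elif tag == b"V" and key is not None:
            record[key] = value.decode()

def find_cleartext_credentials(cache: dict) -> list:
    """Return (file name, realm, username) per cleartext entry; never the password."""
    hits = []
    for name, data in cache.items():
        rec = parse_svn_hash_file(data)
        if rec.get("passtype") == "simple" and "password" in rec:
            hits.append((name, rec.get("svn:realmstring", ""), rec.get("username", "")))
    return hits

def scan_auth_dir(auth_dir=None) -> list:
    # Run the check over a real svn.simple directory (default: the current user's own).
    auth_dir = Path(auth_dir or Path.home() / ".subversion" / "auth" / "svn.simple")
    files = auth_dir.iterdir() if auth_dir.is_dir() else []
    return find_cleartext_credentials({p.name: p.read_bytes() for p in files if p.is_file()})

def _hash_file(pairs) -> bytes:
    """Encode (key, value) byte pairs in svn's hash-file format (builds the sample below)."""
    return b"".join(b"K %d\n%s\nV %d\n%s\n" % (len(k), k, len(v), v) for k, v in pairs) + b"END\n"

# Constructed sample cache: one cleartext entry, one keyring-backed entry (no password on disk).
REALM = b"<https://svn.example.com:443> Example repo"
SAMPLE_CACHE = {
    "entry-a": _hash_file([(b"passtype", b"simple"), (b"password", b"hunter2"),
                           (b"svn:realmstring", REALM), (b"username", b"alice")]),
    "entry-b": _hash_file([(b"passtype", b"gnome-keyring"), (b"svn:realmstring", REALM),
                           (b"username", b"bob")]),
}
if __name__ == "__main__":
    for name, realm, user in find_cleartext_credentials(SAMPLE_CACHE) + scan_auth_dir():
        print(f"cleartext password cached in {name}: user {user!r}, realm {realm}")
```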