On 02.01.06 23:57:45, Michael Biebl wrote: > Andreas Pakulat wrote: > >>Maybe a global setting in the > >>configuration dialog would be useful so that kdesvn does not always > >>prompt you if you want to store the password or not and this setting > >>could be predefined with the value from .subversion/config if not > >>explictely set. But this is more a wishlist bug than an security > >>relevant bug. > > > > > > Agreed. I'd like to have the default for "store password" option to be > > off and maybe a possibility to remove the authentication information for > > the current opened repository, so one can switch from storing to not > > storing without fiddling with .subversion/auth/... files. > > Again, there are no API functions that deal with this files in > .subversion/auth/..., so I hesitate to manipulate them directly.
Aah, forgot that little twist :-) Right, then removing the already stored credentials is only possible by removing the files in .subversion/auth. This is also documented in the default .subversion/config so the user should be able to find it. Still I think the default of the password-dialog should be to _not_ store the password. Maybe I'm just paranoid, but then default configuration for any service is normally as secure as possible without making the service unusable "out of the box". Andreas -- Increased knowledge will help you now. Have mate's phone bugged. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
