Andreas Pakulat wrote: > reopen 345518 = > severity 345518 wishlist > retitle 345518 do not default to saving password and include configuration > option > stop > > On 02.01.06 14:21:30, Michael Biebl wrote: > >>This setting is for the subversion command client. > > > Hmm, thought it would be authoritive for any program using libsvn0. > Especially as the stored credentials are used by the command line client > too. >
I looked throught the API documentation of subversion and noticed that all the authentication related functions have a may save flag that a caller has to set to true or false. They don't get this information automatically from the config file, every client has to set this explicitly. kdesvn would have to parse the config file in .subversion/config itself to get this setting. There seem to be no API functions that deal with configuration settings. > >>Maybe a global setting in the >>configuration dialog would be useful so that kdesvn does not always >>prompt you if you want to store the password or not and this setting >>could be predefined with the value from .subversion/config if not >>explictely set. But this is more a wishlist bug than an security >>relevant bug. > > > Agreed. I'd like to have the default for "store password" option to be > off and maybe a possibility to remove the authentication information for > the current opened repository, so one can switch from storing to not > storing without fiddling with .subversion/auth/... files. Again, there are no API functions that deal with this files in .subversion/auth/..., so I hesitate to manipulate them directly. Adding an option to the configuration dialog about storing/not storing the password should be simple, though. Regards, Michael
signature.asc
Description: OpenPGP digital signature
