> On 26 Aug 2021, at 11:30, Stefan Sperling <s...@elego.de> wrote: > > I think this may still be better than the alternative where configuration > files can be tweaked to trick Alice into unknowingly saving her password > in plaintext while running regular SVN operations. Having 'svn auth' be > the only command which would write a plaintext password does provide some > protection in this scenario, regardless of whether credentials are checked > against the server before they get cached. The evil maid simply gets the plain text of the passwords by asking key ring for them. That works today with plaintext disabled. Only in the case of a stolen machine is plaintext on disk a problem. And that assumes that you did not use full disk encryption. Barry
- Re: A strong WTF on compiling ... Stefan Sperling
- Re: A strong WTF on compiling ... Johan Corveleyn
- Re: A strong WTF on compiling ... Nathan Hartman
- Re: A strong WTF on compiling ... Daniel Sahlberg
- Re: A strong WTF on compiling ... Stefan Sperling
- Re: A strong WTF on compiling ... Mark Phippard
- Re: A strong WTF on compiling ... Johan Corveleyn
- Re: A strong WTF on compiling ... Nathan Hartman
- Re: A strong WTF on compiling ... Nathan Hartman
- Re: A strong WTF on compiling ... Stefan Sperling
- Re: A strong WTF on compiling ... Barry
- Re: A strong WTF on compiling ... Martin Edgar Furter Rathod
- Re: A strong WTF on compiling ... Daniel Shahaf
- Re: A strong WTF on compiling ... Branko Čibej
- Re: A strong WTF on compiling ... Daniel Shahaf
- Re: A strong WTF on compiling out plaintext pas... Daniel Sahlberg
- Re: A strong WTF on compiling out plaintex... Stefan Sperling
- Re: A strong WTF on compiling out plai... Robby Zinchak
- Re: A strong WTF on compiling out ... Stefan Sperling
- Re: A strong WTF on compiling out plai... Karl Fogel
- Re: A strong WTF on compiling out ... Dr. Thomas Orgis
