We have been using ReviewBoard with our Subversion repos using svn+ssh://
access, and while functional, it’s been a little slow. Performance with
https:// access to our Subversion servers is noticeably faster, but when I
configure the Repository in ReviewBoard and specify the username and password
to use, I noticed that the password is stored in plain text in the database.
The database itself is not easily accessible by users, but the nightly database
dumps could be read by others, so I am concerned about a possible exposure of
automated build user account password.
We are still using ReviewBoard 1.7.27 as it is hosted on a CentOS 6 server, so
upgrading to 2.X is not trivial. Is it common practice for ReviewBoard users
to store repository passwords in the database in plain text?
Supercharge your Review Board with Power Pack:
Want us to host Review Board for you? Check out RBCommons:
Happy user? Let us know! https://www.reviewboard.org/users/
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
For more options, visit https://groups.google.com/d/optout.