subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Sperling <s...@elego.de>
Subject Re: svn Farm
Date Sun, 17 Oct 2010 13:14:09 GMT
On Sun, Oct 17, 2010 at 12:14:12AM -0400, Nico Kadel-Garcia wrote:
> On Sat, Oct 16, 2010 at 10:00 AM, Stefan Sperling <stsp@elego.de> wrote:
> > I share Nico's concerns, and when I did (successfully) try to get the
> > behaviour changed, the community was OK with adding a prompt, but not
> > with dropping the feature entirely. Which I would have happily done if
> > people had let me do it. But fair enough, the community's decision is
> > binding, and overrules my own, personal, opinion.
> 
> How did "the community" vote?

There was no vote on this matter.
We only vote when consensus cannot be reached.
AFAIK this only happened once or twice in the lifetime of the project.
One vote was about whitespace formatting rules in the code.

> the only one whose "vote" really counts, unless others want to write
> a fork.

All discussion happens on the public dev@ list and everyone is invited
to participate.  Of course, opinions of committers tend to carry more weight
than opinions of people who don't have commit access. But that is not because
of random circumstance -- it's because committers have earned the trust of the
community to be in that position. And often enough committers disagree with
each other just like non-committers can disagree with committers.

Some links into the archives regarding the plaintext password discussion:
http://svn.haxx.se/dev/archive-2007-10/0525.shtml
http://svn.haxx.se/dev/archive-2008-04/0685.shtml
http://svn.haxx.se/dev/archive-2008-04/0832.shtml

> > So I don't think Nico will ever get what he wants, no matter how much
> > he'll be ranting about it or be trying to actually contribute towards
> > getting this feature removed.
> 
> Would patch files for the config files help to get it enabled by
> default help? I can send them.

I'm not sure I understand what you want to send.

Any submissions are welcome. For huge changes, sparking off a discussion 
within the community before doing a lot of work is a good idea, in case
the idea ends up being rejected. And usually the idea gets refined quite
a lot during discussion.

> > And I suppose he won't be happy with GPG support either.
> 
> I'd be happy if you'd call it it by its correct name. It's not GPG
> support. It's gpg-agent support, which is a local daemon for providing
> access to unlocked GPG keys. It's a great widget, I've used it, and
> I'd love to see it in the Subversion code base. It would allow admins
> to prevent the use of the existing older releases and enforce an
> upgrade to a more securite technology. Go, Dan Engel for submitting
> it!

The server doesn't care about what the client does with the password,
and the gpg-agent support won't change that.
The gpg-agent password store will be optional and behave just like
the gnome-keyring and kwallet stores.
 
> > What he really wants is an alternate-universe Subversion which never
> > had the plaintext password storage feature in the first place.
> 
> I'd settle for being able to block that local use on the server side:
> that means a structural change.

It will never work reliably because the client can lie about it.
There has been discussion about "repository-dictated configuration" before.
Here's a recent thread: http://svn.haxx.se/dev/archive-2010-08/0166.shtml

Mime
View raw message