[Yanel-development] Yarep SVN implementation and security

Michael Wechner michael.wechner at wyona.com
Wed Nov 29 08:47:46 CET 2006


Hi

At the moment we keep the Password for the SVN storage implementation 
plaintext within the yarep config file

<storage class="org.wyona.yarep.core.impl.svn.SVNStorage">
  <content
src="https://svn.wyona.com/repos/foo/bar/"             
workdir="/home/michi/foo/bar/"
username="TEST"
password="PASSWORD"/>

</storage>
 </repository>

This raises some security concerns especially on shared servers.

The only way I currently see is that an administrator has to type-in the 
password during startup which
would improve the situation a bit.

Or are there any other ideas?

Thanks

Michi

-- 
Michael Wechner
Wyona      -   Open Source Content Management   -    Apache Lenya
http://www.wyona.com                      http://lenya.apache.org
michael.wechner at wyona.com                        michi at apache.org
+41 44 272 91 61




More information about the Yanel-development mailing list