[Ffmpeg-devel] SVN challenge response authentication weaknesses
Michael Niedermayer
michaelni
Sun May 28 00:04:08 CEST 2006
Hi
On Sat, May 27, 2006 at 02:16:38PM +0200, Diego Biurrun wrote:
> On Sat, May 27, 2006 at 12:57:35PM +0200, Michael Niedermayer wrote:
> >
> > 1. passwords are stored in plaintext on the server this means everyone
> > who has root or can get his hands on the servers harddisk knows your password
> > -> dont reuse any important password
>
> Yes. Of course all the roots can tamper with the repository in any way
> they like anyway...
yes but with more advanced authentication systems they will never see the
password as its never on the server, the problem is if the user/developer
used the password somewhere else too (online banking or such for example)
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
In the past you could go to a library and read, borrow or copy any book
Today you'd get arrested for mere telling someone where the library is
More information about the ffmpeg-devel
mailing list