On 12/17/2012 03:11 PM, Branko Čibej wrote: > On 17.12.2012 20:01, C. Michael Pilato wrote: >> On 12/17/2012 01:05 PM, Branko Čibej wrote: >>> On 17.12.2012 15:03, C. Michael Pilato wrote: >>>> On 12/17/2012 05:19 AM, Branko Čibej wrote: >>>>> On 17.12.2012 09:47, Bert Huijben wrote: >>>>>> I think we should suppress this warning on Windows when the CryptoAPI >>>>>> encryption is enabled (read: +- always) to avoid unneeded user questions. >>>>> I rather think we should disable plaintext password storage by default, >>>>> I don't care about Windows, and let people enable it explicitly. >>>> May I assume you mean "runtime-disable", not "compile-time-disable"? >>> Yes, of course. Here's the thing, though: the define in >>> svn_private_config.h doesn't actually do what it says. For example, if >>> someone should define it on Windows, it would disable storing passwords >>> on disk, even though they're (almost) always encrypted on that platform. >> But ... why would someone define it on Windows, though? And why do I/you/we >> care if folks gets unexplained behavior when they go around setting #defines >> without understanding them? There's a reason why that #define isn't >> templated in svn_private_config.hw, after all. > > Quite right. I'm not really all that worried about Windows. But, ISTR > that someone (you?) was doing some work on getting the on-disk files > encrypted on other platforms, too. Would that effort supersede this > config option?
Yes, I am working on a master-passphrase-based disk encryption feature. (Or, at least, I was, before trying to get 1.8 out of the door in a reasonable amount of time became a priority). The effort would not necessarily supercede the configuration option, though. -- C. Michael Pilato <cmpil...@collab.net> CollabNet <> www.collab.net <> Enterprise Cloud Development
signature.asc
Description: OpenPGP digital signature
