Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:45468 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 2882 invoked from network); 3 Sep 2009 12:56:00 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 Sep 2009 12:56:00 -0000 Authentication-Results: pb1.pair.com header.from=thetaphi@php.net; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=thetaphi@php.net; spf=unknown; sender-id=unknown Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 85.25.71.29 as permitted sender) X-PHP-List-Original-Sender: thetaphi@php.net X-Host-Fingerprint: 85.25.71.29 loft1553.serverloft.de Linux 2.6 Received: from [85.25.71.29] ([85.25.71.29:39929] helo=mail.troja.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C5/93-19451-EDCBF9A4 for ; Thu, 03 Sep 2009 08:56:00 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.troja.net (Postfix) with ESMTP id 62F01D36007; Thu, 3 Sep 2009 14:55:56 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mail.troja.net Received: from mail.troja.net ([127.0.0.1]) by localhost (megaira.troja.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n2wh9qwxuKcH; Thu, 3 Sep 2009 14:55:45 +0200 (CEST) Received: from VEGA (unknown [134.102.249.75]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.troja.net (Postfix) with ESMTPSA id 937DCD36003; Thu, 3 Sep 2009 14:55:45 +0200 (CEST) To: "'techtonik'" , References: Date: Thu, 3 Sep 2009 14:55:43 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-reply-to: Thread-Index: AcoslPpStJuaCbQxTyOZKS+qOTw03wAADxjw X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Subject: RE: [PHP-DEV] Secure SVN access From: thetaphi@php.net ("Uwe Schindler") Hi anatoly, there problem is not only with SVN. In principle if a developer logs in to the PHP bug tracking system on http://bugs.php.net he also uses his password in plain text. Because of this, I see no difference here. I personally use a different password for PHP and no high-security one I use elsewhere. In general PHP is Open Source Software, if somebody misuses a PHP's developers passwords, all these changes can be reverted in SVN, so I see no problem. Additionally all commits are reviewed by the commit mailing list subscribers (all developers). ----- Uwe Schindler thetaphi@php.net - http://www.php.net NSAPI SAPI developer Bremen, Germany > -----Original Message----- > From: techtonik@gmail.com [mailto:techtonik@gmail.com] On Behalf Of > techtonik > Sent: Thursday, September 03, 2009 2:48 PM > To: internals@lists.php.net > Subject: [PHP-DEV] Secure SVN access > > Greeetings to php-core developers, > > Am I right that there is no https:// and svn+ssh:// access to > svn.php.net repositories? > If that's the case - how do you feel about sniffing developer's passwords? > > Please, CC. > > --anatoly t. > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php