You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by st...@apache.org on 2013/04/13 14:34:26 UTC
svn commit: r1467609 - /subversion/site/publish/docs/release-notes/1.8.html
Author: stsp
Date: Sat Apr 13 12:34:26 2013
New Revision: 1467609
URL: http://svn.apache.org/r1467609
Log:
* publish/docs/release-notes/1.8.html
(gpg-agent): <h4> doesn't really look any different to <h3>, so try a
different approach to formatting this section.
Modified:
subversion/site/publish/docs/release-notes/1.8.html
Modified: subversion/site/publish/docs/release-notes/1.8.html
URL: http://svn.apache.org/viewvc/subversion/site/publish/docs/release-notes/1.8.html?rev=1467609&r1=1467608&r2=1467609&view=diff
==============================================================================
--- subversion/site/publish/docs/release-notes/1.8.html (original)
+++ subversion/site/publish/docs/release-notes/1.8.html Sat Apr 13 12:34:26 2013
@@ -957,11 +957,9 @@ administrator who wants to use the featu
<p>Subversion 1.8 allows the use of the GnuPG Agent (gpg-agent) daemon
to temporarily store Subversion passwords in memory.</p>
-<div class="notice">
<p>This feature does <em>not</em> use PGP to encrypt passwords on disk!
Rather, it caches passwords in memory (in plaintext) instead of saving
them to disk.</p>
-</div>
<p>To take advantage of this password cache, you'll need Subversion binaries
built with gpg-agent support (which is the default on UNIX-like systems),
@@ -977,12 +975,6 @@ running the gpg-agent.</p>
is terminated, its configured time-to-live threshold is reached, or a
HUP signal is sent to the daemon using the UNIX <tt>kill(1)</tt> utility.</p>
-<div class="h4" id="gpg-agent-security">
-<h3>SECURITY CONSIDERATIONS
- <a class="sectionlink" href="#gpg-agent-security"
- title="Link to this section">¶</a>
-</h3>
-
<p>Communication to the gpg-agent happens over a UNIX socket, which is
located in a directory which only the user running Subversion can access.
However, any program the user runs could access this socket and get
@@ -995,11 +987,11 @@ are also used as filenames within <tt>~/
Unlike with GNOME Keyring or KDE Wallet, the user is not prompted for
permission if another program attempts to access the password.</p>
+<div class="notice">
<p>Therefore, while the gpg-agent is running and has the password cached,
the password cache is no more secure than a file storing the password in
plaintext.</p>
-
-</div> <!-- gpg-agent-security -->
+</div>
</div> <!-- gpg-agent -->
Re: svn commit: r1467609 -
/subversion/site/publish/docs/release-notes/1.8.html
Posted by Daniel Shahaf <da...@elego.de>.
Daniel Shahaf wrote on Sat, Apr 13, 2013 at 16:10:15 +0300:
> stsp@apache.org wrote on Sat, Apr 13, 2013 at 12:34:26 -0000:
> > Author: stsp
> > Date: Sat Apr 13 12:34:26 2013
> > New Revision: 1467609
> >
> > URL: http://svn.apache.org/r1467609
> > Log:
> > * publish/docs/release-notes/1.8.html
> > (gpg-agent): <h4> doesn't really look any different to <h3>, so try a
> > different approach to formatting this section.
> >
> > -<div class="h4" id="gpg-agent-security">
> > -<h3>SECURITY CONSIDERATIONS
>
> s/<h3>/<h4>/
By the way, we could do something like this:
div.h4 h3 { border-color: red; border-width: 5px; }
to make this kind of error stand out better.
Re: svn commit: r1467609 -
/subversion/site/publish/docs/release-notes/1.8.html
Posted by Daniel Shahaf <da...@elego.de>.
Daniel Shahaf wrote on Sat, Apr 13, 2013 at 16:10:15 +0300:
> stsp@apache.org wrote on Sat, Apr 13, 2013 at 12:34:26 -0000:
> > Author: stsp
> > Date: Sat Apr 13 12:34:26 2013
> > New Revision: 1467609
> >
> > URL: http://svn.apache.org/r1467609
> > Log:
> > * publish/docs/release-notes/1.8.html
> > (gpg-agent): <h4> doesn't really look any different to <h3>, so try a
> > different approach to formatting this section.
> >
> > -<div class="h4" id="gpg-agent-security">
> > -<h3>SECURITY CONSIDERATIONS
>
> s/<h3>/<h4>/
By the way, we could do something like this:
div.h4 h3 { border-color: red; border-width: 5px; }
to make this kind of error stand out better.
Re: svn commit: r1467609 -
/subversion/site/publish/docs/release-notes/1.8.html
Posted by Daniel Shahaf <da...@elego.de>.
stsp@apache.org wrote on Sat, Apr 13, 2013 at 12:34:26 -0000:
> Author: stsp
> Date: Sat Apr 13 12:34:26 2013
> New Revision: 1467609
>
> URL: http://svn.apache.org/r1467609
> Log:
> * publish/docs/release-notes/1.8.html
> (gpg-agent): <h4> doesn't really look any different to <h3>, so try a
> different approach to formatting this section.
>
> -<div class="h4" id="gpg-agent-security">
> -<h3>SECURITY CONSIDERATIONS
s/<h3>/<h4>/
> - <a class="sectionlink" href="#gpg-agent-security"
> - title="Link to this section">¶</a>
> -</h3>
Re: svn commit: r1467609 -
/subversion/site/publish/docs/release-notes/1.8.html
Posted by Daniel Shahaf <da...@elego.de>.
stsp@apache.org wrote on Sat, Apr 13, 2013 at 12:34:26 -0000:
> Author: stsp
> Date: Sat Apr 13 12:34:26 2013
> New Revision: 1467609
>
> URL: http://svn.apache.org/r1467609
> Log:
> * publish/docs/release-notes/1.8.html
> (gpg-agent): <h4> doesn't really look any different to <h3>, so try a
> different approach to formatting this section.
>
> -<div class="h4" id="gpg-agent-security">
> -<h3>SECURITY CONSIDERATIONS
s/<h3>/<h4>/
> - <a class="sectionlink" href="#gpg-agent-security"
> - title="Link to this section">¶</a>
> -</h3>