Hi anatoly, there problem is not only with SVN. In principle if a developer logs in to the PHP bug tracking system on http://bugs.php.net he also uses his password in plain text. Because of this, I see no difference here. I personally use a different password for PHP and no high-security one I use elsewhere.
In general PHP is Open Source Software, if somebody misuses a PHP's developers passwords, all these changes can be reverted in SVN, so I see no problem. Additionally all commits are reviewed by the commit mailing list subscribers (all developers). ----- Uwe Schindler [email protected] - http://www.php.net NSAPI SAPI developer Bremen, Germany > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > techtonik > Sent: Thursday, September 03, 2009 2:48 PM > To: [email protected] > Subject: [PHP-DEV] Secure SVN access > > Greeetings to php-core developers, > > Am I right that there is no https:// and svn+ssh:// access to > svn.php.net repositories? > If that's the case - how do you feel about sniffing developer's passwords? > > Please, CC. > > --anatoly t. > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
