Re: [PATCH] credential: do not store credentials received from helpers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Apr 6, 2012 at 20:34, Jeff King <peff@xxxxxxxx> wrote:
>  2. If you use a time-based storage helper like
>     "git-credential-cache", every time you run a git
>     command which uses the credential, it will also
>     re-insert the credential after use, freshening the
>     cache timestamp. So the cache will eventually expire N
>     time units after the last _use_, not after the time the
>     user actually typed the password. This is probably not
>     what most users expect or want (and if they do, we
>     should do it explicitly by providing an option to
>     refresh the timestamp on use).

So if I use the cache helper, and its set to expire at the default of
15 minutes, I have to type my password in every 15 minutes, even if I
am doing a Git operation roughly every 8 minutes during a work day?

> We can solve this by marking a credential that comes from a
> helper, so we don't bother feeding it back to the helpers.
> The credential struct already has an "approved" flag so
> that we try to store it only once, rather than for each
> successful http request. We can use the same flag to
> "pre-approve" a credential which comes from a helper, and
> enver try to store it at all.

This breaks one of my credential helpers.

I have a helper that generates a password by asking a remote system to
generate a short lived password based on other authentication systems
that I can't describe. Once I have that password, its good for $X
time.

The helper just dumps it out to Git, and Git turns around and stores
it into the cache for me. This means later requests will keep that
credential in the cache, and avoid making that remote system call
every time I do a Git network command. I guess I now need to change my
helper to cache git credential-cache itself and store the password
into the cache if it wants to use the cache?

Should we update the credential helper documentation at the same time
as this change to make it clear Git won't cache passwords returned
from helpers, but a helper could call the credential-cache itself if
it wanted to reuse the existing cache service?
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]