From: | Francisco Olarte <folarte(at)peoplecall(dot)com> |
---|---|
To: | JP Jacoupy <jpjacoupy(at)protonmail(dot)com> |
Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Service configuration file and password security |
Date: | 2017-02-16 18:28:32 |
Message-ID: | CA+bJJbzKFFXh05+n258c8+Bge+=L=qhKLMgcHRNwpwJ_yGT1Gg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Thu, Feb 16, 2017 at 2:57 PM, JP Jacoupy <jpjacoupy(at)protonmail(dot)com> wrote:
> Can the password be stored in an encrypted way inside a service
> configuration file?
There is not
Passwords are not stored in the ( sometimes shared, world readable )
service configuration file ( pg_sevice), but it the UNREADABLE FOR
OTHERS password file. They need to be stored in a way which libpq and
friends can use, so even if they were encrypted they could be
extracted easily byjust debugging and setting a breakpoint in it.
If you are looking at something like a password store with a master
password at least in unix a user account with a .pgpass file works as
it. You store every password in file readable by a user, .pgpass, and
you use that user login credentials to get access to it.
Francisco Olarte.
From | Date | Subject | |
---|---|---|---|
Next Message | Hu, Patricia | 2017-02-16 19:01:20 | application generated an eternal block in the database |
Previous Message | Adrian Klaver | 2017-02-16 18:22:12 | Re: Service configuration file and password security |