| From: | Francisco Olarte <folarte(at)peoplecall(dot)com> |
|---|---|
| To: | JP Jacoupy <jpjacoupy(at)protonmail(dot)com> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Service configuration file and password security |
| Date: | 2017-02-16 18:28:32 |
| Message-ID: | CA+bJJbzKFFXh05+n258c8+Bge+=L=qhKLMgcHRNwpwJ_yGT1Gg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Feb 16, 2017 at 2:57 PM, JP Jacoupy <jpjacoupy(at)protonmail(dot)com> wrote:
> Can the password be stored in an encrypted way inside a service
> configuration file?
There is not
Passwords are not stored in the ( sometimes shared, world readable )
service configuration file ( pg_sevice), but it the UNREADABLE FOR
OTHERS password file. They need to be stored in a way which libpq and
friends can use, so even if they were encrypted they could be
extracted easily byjust debugging and setting a breakpoint in it.
If you are looking at something like a password store with a master
password at least in unix a user account with a .pgpass file works as
it. You store every password in file readable by a user, .pgpass, and
you use that user login credentials to get access to it.
Francisco Olarte.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hu, Patricia | 2017-02-16 19:01:20 | application generated an eternal block in the database |
| Previous Message | Adrian Klaver | 2017-02-16 18:22:12 | Re: Service configuration file and password security |