Skip site navigation (1) Skip section navigation (2)

Re: Password security [where is the password]

From: Ludek Finstrle <luf(at)pzkagis(dot)cz>
To: Ezequias Rodrigues da Rocha <ezequias(dot)rocha(at)gmail(dot)com>
Cc: pgsql-odbc(at)postgresql(dot)org
Subject: Re: Password security [where is the password]
Date: 2007-01-22 15:02:03
Message-ID: 20070122150203.GA29241@soptik.pzkagis.cz (view raw or flat)
Thread:
Lists: pgsql-odbc
Mon, Jan 22, 2007 at 12:48:17PM -0200, Ezequias Rodrigues da Rocha napsal(a):
> Further more in the future we will implement a server application. Now I
> have another question:
> 
> My clients are Fat32 and I don't meant to change all clients to NTFS so my
> Security TAB doesn't appears (I consider it occurs becouse the Filesystem).

Yes. You're right. All users are admins when you use Fat32. So you're
not able to store the password in the secure way on local machines.
You have to specify the password all the time or maybe some network 
share from server should work?

Regards,

Luf

> 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> >
> >Mon, Jan 22, 2007 at 10:48:15AM -0200, Ezequias Rodrigues da Rocha
> >napsal(a):
> >> 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> >> >Mon, Jan 22, 2007 at 09:39:17AM -0200, Ezequias Rodrigues da Rocha
> >> >napsal(a):
> >> >> The latest item (FILE) where is it specifically?
> >> >
> >> >Hmmm, what OS are you using?
> >> >I suppose it's Windows. Have you already used "ODBC Data Source
> >> >Administrator"? If you aren't  let's try it. It's located in
> >> >Administrative
> >> >tools (in Control panel). There are some tabpages:
> >> >1) User DSN (stored in HKCU)
> >> >2) System DSN (stored in HKLM - you can specify the ACL with regedt32)
> >> >3) File DSN - you specify the file when you adding the DSN
> >> >
> >> >> I must garantee that only admin users can see this password by now.
> >Any
> >> >> other help
> >> >
> >> >You can do it with 2) System DSN with correct registry ACL on the DSN
> >or
> >> >with 3) File DSN with correct File ACL.
> >>
> >> Many acronyms. My clients are Windows. I really don't know how to make
> >this
> >> work. What is ACL ?
> >
> >ACL = access control list
> >file ACL (in explorer mouse right click on file -> Properties -> tab
> >Security)
> >registry ACL (in regedt32 choose the key and in menu Security ->
> >Permissions)
> >DSN = ODBC DataSource
> >
> >Let's run "DataSources (ODBC)" or how is the manager named in Control
> >Panel,
> >define some DSN (User x System x File) and then let's try change the
> >ACL for it in registry or in filesystem. Then you can verify it as admin
> >and normal user.
> >
> >Feel free to ask more if something doesn't work as you expect.
> >I hope I give you all informations what you need.
> >
> >Regards,
> >
> >Luf
> >
> >> >> 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> >> >> >
> >> >> >> I would like to know where is the password setted on the
> >connection
> >> >> >Dialog.
> >> >> >> If it remains after the client shutdown it must be in some place
> >in
> >> >the
> >> >> >hard
> >> >> >> disk. I am afread about it. Can anyone tell me if someone can
> >catch
> >> >it
> >> >> >> (hacker) ?
> >> >> >
> >> >> >It's stored in registry:
> >> >> >System DSN:
> >> >> >HKLM\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> >> >> >All the users with access to the computer can read it (don't forgot
> >> >> >the network registry access).
> >> >> >
> >> >> >User DSN:
> >> >> >HKCU\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> >> >> >If everything is properly only the user and Admin can read it.
> >> >> >
> >> >> >File DSN:
> >> >> >in file
> >> >> >All the users with access to the file can read it.
> >> >> >
> >> >> >Regards,
> >> >> >
> >> >> >Luf
> >> >> >
> >> >> >P.S. The admin could change the default ACL on registry tree.
> >
> 
> 
> 
> -- 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>                                  Atenciosamente (Sincerely)
>                        Ezequias Rodrigues da Rocha
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> A pior das democracias ainda é melhor do que a melhor das ditaduras
> The worst of democracies is still better than the better of dictatorships
> http://ezequiasrocha.blogspot.com/

In response to

Responses

pgsql-odbc by date

Next:From: Jiří NouzaDate: 2007-01-23 09:10:45
Subject: linked tables in MS Access
Previous:From: Ezequias Rodrigues da RochaDate: 2007-01-22 14:48:17
Subject: Re: Password security [where is the password]

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group