Skip site navigation (1) Skip section navigation (2)

Re: Password security [where is the password]

From: "Ezequias Rodrigues da Rocha" <ezequias(dot)rocha(at)gmail(dot)com>
To: "Ludek Finstrle" <luf(at)pzkagis(dot)cz>
Cc: pgsql-odbc(at)postgresql(dot)org
Subject: Re: Password security [where is the password]
Date: 2007-01-22 14:48:17
Message-ID: 55c095e90701220648m25a2b818g56f275bef06f53da@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-odbc
I know that the correct odbc usage (on windows) is with a  "Application
Server" on only one machine, but now we only have the capability to use
direct connection.

Further more in the future we will implement a server application. Now I
have another question:

My clients are Fat32 and I don't meant to change all clients to NTFS so my
Security TAB doesn't appears (I consider it occurs becouse the Filesystem).

Did I correct ?

Thank you so much for the explanations.

Regards

2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
>
> Mon, Jan 22, 2007 at 10:48:15AM -0200, Ezequias Rodrigues da Rocha
> napsal(a):
> > 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> > >Mon, Jan 22, 2007 at 09:39:17AM -0200, Ezequias Rodrigues da Rocha
> > >napsal(a):
> > >> The latest item (FILE) where is it specifically?
> > >
> > >Hmmm, what OS are you using?
> > >I suppose it's Windows. Have you already used "ODBC Data Source
> > >Administrator"? If you aren't  let's try it. It's located in
> > >Administrative
> > >tools (in Control panel). There are some tabpages:
> > >1) User DSN (stored in HKCU)
> > >2) System DSN (stored in HKLM - you can specify the ACL with regedt32)
> > >3) File DSN - you specify the file when you adding the DSN
> > >
> > >> I must garantee that only admin users can see this password by now.
> Any
> > >> other help
> > >
> > >You can do it with 2) System DSN with correct registry ACL on the DSN
> or
> > >with 3) File DSN with correct File ACL.
> >
> > Many acronyms. My clients are Windows. I really don't know how to make
> this
> > work. What is ACL ?
>
> ACL = access control list
> file ACL (in explorer mouse right click on file -> Properties -> tab
> Security)
> registry ACL (in regedt32 choose the key and in menu Security ->
> Permissions)
> DSN = ODBC DataSource
>
> Let's run "DataSources (ODBC)" or how is the manager named in Control
> Panel,
> define some DSN (User x System x File) and then let's try change the
> ACL for it in registry or in filesystem. Then you can verify it as admin
> and normal user.
>
> Feel free to ask more if something doesn't work as you expect.
> I hope I give you all informations what you need.
>
> Regards,
>
> Luf
>
> > >> 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> > >> >
> > >> >> I would like to know where is the password setted on the
> connection
> > >> >Dialog.
> > >> >> If it remains after the client shutdown it must be in some place
> in
> > >the
> > >> >hard
> > >> >> disk. I am afread about it. Can anyone tell me if someone can
> catch
> > >it
> > >> >> (hacker) ?
> > >> >
> > >> >It's stored in registry:
> > >> >System DSN:
> > >> >HKLM\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> > >> >All the users with access to the computer can read it (don't forgot
> > >> >the network registry access).
> > >> >
> > >> >User DSN:
> > >> >HKCU\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> > >> >If everything is properly only the user and Admin can read it.
> > >> >
> > >> >File DSN:
> > >> >in file
> > >> >All the users with access to the file can read it.
> > >> >
> > >> >Regards,
> > >> >
> > >> >Luf
> > >> >
> > >> >P.S. The admin could change the default ACL on registry tree.
>



-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
                                  Atenciosamente (Sincerely)
                        Ezequias Rodrigues da Rocha
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

In response to

Responses

pgsql-odbc by date

Next:From: Ludek FinstrleDate: 2007-01-22 15:02:03
Subject: Re: Password security [where is the password]
Previous:From: Ludek FinstrleDate: 2007-01-22 13:03:59
Subject: Re: Password security [where is the password]

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group