Re: Password security [where is the password]

I know that the correct odbc usage (on windows) is with a "Application
Server" on only one machine, but now we only have the capability to use
direct connection.

Further more in the future we will implement a server application. Now I
have another question:

My clients are Fat32 and I don't meant to change all clients to NTFS so my
Security TAB doesn't appears (I consider it occurs becouse the Filesystem).

Did I correct ?

Thank you so much for the explanations.

Regards

2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
>
> Mon, Jan 22, 2007 at 10:48:15AM -0200, Ezequias Rodrigues da Rocha
> napsal(a):
> > 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> > >Mon, Jan 22, 2007 at 09:39:17AM -0200, Ezequias Rodrigues da Rocha
> > >napsal(a):
> > >> The latest item (FILE) where is it specifically?
> > >
> > >Hmmm, what OS are you using?
> > >I suppose it's Windows. Have you already used "ODBC Data Source
> > >Administrator"? If you aren't let's try it. It's located in
> > >Administrative
> > >tools (in Control panel). There are some tabpages:
> > >1) User DSN (stored in HKCU)
> > >2) System DSN (stored in HKLM - you can specify the ACL with regedt32)
> > >3) File DSN - you specify the file when you adding the DSN
> > >
> > >> I must garantee that only admin users can see this password by now.
> Any
> > >> other help
> > >
> > >You can do it with 2) System DSN with correct registry ACL on the DSN
> or
> > >with 3) File DSN with correct File ACL.
> >
> > Many acronyms. My clients are Windows. I really don't know how to make
> this
> > work. What is ACL ?
>
> ACL = access control list
> file ACL (in explorer mouse right click on file -> Properties -> tab
> Security)
> registry ACL (in regedt32 choose the key and in menu Security ->
> Permissions)
> DSN = ODBC DataSource
>
> Let's run "DataSources (ODBC)" or how is the manager named in Control
> Panel,
> define some DSN (User x System x File) and then let's try change the
> ACL for it in registry or in filesystem. Then you can verify it as admin
> and normal user.
>
> Feel free to ask more if something doesn't work as you expect.
> I hope I give you all informations what you need.
>
> Regards,
>
> Luf
>
> > >> 2007/1/22, Ludek Finstrle <luf(at)pzkagis(dot)cz>:
> > >> >
> > >> >> I would like to know where is the password setted on the
> connection
> > >> >Dialog.
> > >> >> If it remains after the client shutdown it must be in some place
> in
> > >the
> > >> >hard
> > >> >> disk. I am afread about it. Can anyone tell me if someone can
> catch
> > >it
> > >> >> (hacker) ?
> > >> >
> > >> >It's stored in registry:
> > >> >System DSN:
> > >> >HKLM\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> > >> >All the users with access to the computer can read it (don't forgot
> > >> >the network registry access).
> > >> >
> > >> >User DSN:
> > >> >HKCU\Software\ODBC\ODBC.INI\<DSN name> in string value Password.
> > >> >If everything is properly only the user and Admin can read it.
> > >> >
> > >> >File DSN:
> > >> >in file
> > >> >All the users with access to the file can read it.
> > >> >
> > >> >Regards,
> > >> >
> > >> >Luf
> > >> >
> > >> >P.S. The admin could change the default ACL on registry tree.
>

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Atenciosamente (Sincerely)
Ezequias Rodrigues da Rocha
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/