----- Original Message -----
From: "Alon Bar-Lev" <alonbl(a)redhat.com>
To: "Keith Robertson" <kroberts(a)redhat.com>
Cc: "Juan Hernandez" <jhernand(a)redhat.com>, "engine-devel"
<engine-devel(a)ovirt.org>, "pmatouse" <pmatouse(a)redhat.com>
Sent: Wednesday, May 1, 2013 9:40:13 PM
Subject: Re: [Engine-devel] Dropping encryption of database password
----- Original Message -----
> From: "Keith Robertson" <kroberts(a)redhat.com>
> To: "Alon Bar-Lev" <alonbl(a)redhat.com>
> Cc: "Josh Bressers" <bressers(a)redhat.com>, "Juan Hernandez"
> <jhernand(a)redhat.com>, "engine-devel"
> <engine-devel(a)ovirt.org>, "pmatouse" <pmatouse(a)redhat.com>,
> "Sandro Bonazzola" <sbonazzo(a)redhat.com>
> Sent: Wednesday, May 1, 2013 9:31:15 PM
> Subject: Re: [Engine-devel] Dropping encryption of database password
>
> On 05/01/2013 02:16 PM, Alon Bar-Lev wrote:
> > Thank you.
> > This is what I wrote in my initial post.
> > The only users who should access this password are the ovirt user and
> > the root user.
> >
> > Regards,
> > Alon Bar-Lev.
> >
> Alon,
> I agree with the desire to store the PW in plaintext and in a
> non-obfuscated manner. In this case, obfuscation really doesn't gain
> anything.
>
> I would suggest, however, that the migration to plaintext be coordinated
> with a simultaneous patch to the Log Collector. It does have a
> dependency on the current architecture.
>
> Keith
>
Hi,
As far as I know it reads the plain text from .pgpass; we need to modify it
to search within the alternate format as well.
We are using the original .pgpass file that is in 0600 mode (accessible only to root).
If the file does not have this mode, it is ignored by Postgres.
I see no security issue in that ...
Please see details in
http://www.postgresql.org/docs/9.0/static/libpq-pgpass.html
Thanks,
Alon
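
The permission rule described in the message above, as an added example that is not part of the original thread or of the oVirt or PostgreSQL code: a simplified Python check that treats a password file with any group or world permission bit as ignored, then looks up an entry in the `hostname:port:database:username:password` format. The function names are hypothetical and a POSIX file system is assumed.

```python
import os
import stat

def pgpass_usable(path):
    """(ok, reason): any group/world permission bit means the file is ignored."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return False, f"cannot stat: {exc.strerror}"
    if not stat.S_ISREG(st.st_mode):
        return False, "not a regular file"
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        return False, f"mode {stat.S_IMODE(st.st_mode):04o} grants group/world access"
    return True, "ok"

def split_fields(line):
    """Split on unescaped ':'; a backslash escapes ':' and '\\'."""
    fields, cur, chars = [], [], iter(line)
    for ch in chars:
        if ch == "\\":
            cur.append(next(chars, ""))  # keep the escaped character literally
        elif ch == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    fields.append("".join(cur))
    return fields

def lookup(path, host, port, db, user):
    """Password of the first matching entry, or None."""
    if not pgpass_usable(path)[0]:
        return None  # file ignored, as the message describes
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.rstrip("\n")
            if not line or line.startswith("#"):
                continue  # blank line or comment
            f = split_fields(line)
            # '*' in any of the first four fields matches anything
            if len(f) == 5 and all(p in ("*", str(v)) for p, v in zip(f, (host, port, db, user))):
                return f[4]
    return None
```

A tool that reads the file directly, such as a log collector, can call `pgpass_usable()` first so that it refuses the same files the database client would.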