----- Original Message -----
From: "Keith Robertson" <kroberts@redhat.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: "Josh Bressers" <bressers@redhat.com>, "Juan Hernandez" <jhernand@redhat.com>, "engine-devel" <engine-devel@ovirt.org>, "pmatouse" <pmatouse@redhat.com>, "Sandro Bonazzola" <sbonazzo@redhat.com> Sent: Wednesday, May 1, 2013 9:31:15 PM Subject: Re: [Engine-devel] Dropping encryption of database password
On 05/01/2013 02:16 PM, Alon Bar-Lev wrote:
Thank you. This is what I wrote in my initial post. The only users who should access this password is ovirt user and root user.
Regards, Alon Bar-Lev.
Alon, I agree with the desire to store the PW in plaintext and in a non-obfuscated manner. In this case, obfuscation really doesn't gain anything.
I would suggest; however, that the migration to plaintext be coordinated with a simultaneous patch to the the Log Collector. It does have a dependency on the current architecture.
Keith
Hi, As far as I know it reads the plain text from .pgpass, we need to modify it to search within the alternate format as well. Thanks, Alon