Re: [Engine-devel] Dropping encryption of database password

From: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; To: "Eli Mesika" <emesika(a)redhat.com&gt; Cc: "engine-devel" <engine-devel(a)ovirt.org&gt;, "Yair Zaslavsky" <yzaslavs(a)redhat.com&gt;, "Juan Hernandez" <jhernand(a)redhat.com&gt; Sent: Wednesday, May 1, 2013 8:55:05 AM Subject: Re: Dropping encryption of database password ----- Original Message ----- > From: "Eli Mesika" <emesika(a)redhat.com&gt; > To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; > Cc: "engine-devel" <engine-devel(a)ovirt.org&gt;, "Yair Zaslavsky" > <yzaslavs(a)redhat.com&gt;, "Juan Hernandez" > <jhernand(a)redhat.com&gt; > Sent: Wednesday, May 1, 2013 3:45:06 AM > Subject: Re: Dropping encryption of database password > > > > ----- Original Message ----- > > From: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; > > To: "engine-devel" <engine-devel(a)ovirt.org&gt; > > Cc: "Yair Zaslavsky" <yzaslavs(a)redhat.com&gt;, "Eli Mesika" > > <emesika(a)redhat.com&gt;, "Juan Hernandez" <jhernand(a)redhat.com&gt; > > Sent: Tuesday, April 30, 2013 10:41:20 PM > > Subject: Dropping encryption of database password > > > > Hello, > > > > Currently we store database password encrypted using > > org.picketbox.datasource.security.SecureIdentityLoginModule. > > > > This is reverse encryption with common knowledge shared secret. > > > > Using encryption with common knowledge shared secret is close to void > > protection. > > > > So far we also stored the password as plain text at > > /etc/ovirt-engine/.pgpass, this is going to be removed as no component > > actually uses the .pgpass, however we do need to store non-java specific > > password in for utilities. > > > > In master (aiming to 3.3), we store the database connection details in > > own > > file /etc/ovirt-engine/engine.conf.d/50-setup-database.conf owned by > > ovirt > > user and not world readable. > > > > I would like to use the same 50-setup-database.conf to store plain text > > password and remove the java specific reversible encrypted password > > usage. > > > > Bottom line... > > 1. We drop the .pgpass file. > > 2. We store database connection information in > > /etc/ovirt-engine/engine.conf.d/<file> that is readable only by ovirt > > usage. > > 3. We drop the java specific reversible encryption in favor of plain > > text. > > > > Thoughts? > > I see no problem in the .pgpass , only root can access it (it has 0600 mode > , > if it doesn't it is ignored by PG) > Apart from that , this is the standard way used by PG so why not using it , > AFAIK this is considered safe & secured In another words you are for storing password as plain text.... :)

> > > > Alon > > >