Re: [Engine-devel] Dropping encryption of database password
----- Original Message -----
From: "Josh Bressers" <bressers(a)redhat.com>
To: "Eli Mesika" <emesika(a)redhat.com>
Cc: "Alon Bar-Lev" <alonbl(a)redhat.com>, "Juan Hernandez"
<jhernand(a)redhat.com>, "engine-devel"
<engine-devel(a)ovirt.org>, "pmatouse" <pmatouse(a)redhat.com>
Sent: Wednesday, May 1, 2013 6:40:26 PM
Subject: Re: [Engine-devel] Dropping encryption of database password
> >
> > In another words you are for storing password as plain text.... :)
>
> If the file is protected , I don't mind that the password is in plain
> text...
>
Hi all,
Hello,
Itamar pointed me at this thread. I'm part of the Red Hat Product
Security
Team, we exist to help various projects and products with security needs
(such as advice in this instance).
I can't really comment on this without understanding some of the background
(sorry for not being up to speed, I don't have time to research this
today and I'm away tomorrow so my replies may be slow).
Can you explain to me what the passwords in question are used for?
The password of the user used to access the database.
Regards,
Alon
Thanks.
--
Josh Bressers / Red Hat Product Security Team