[Engine-devel] Dropping encryption of database password

Josh Bressers bressers at redhat.com
Wed May 1 15:40:26 UTC 2013


> > 
> > In another words you are for storing password as plain text.... :)
> 
> If the file is protected , I don't mind that the password is in plain text...
> 

Hi all,

Itamar pointed me at this thread. I'm part of the Red Hat Product Security
Team, we exist to help various projects and products with security needs
(such as advice in this instance).

I can't really comment on this without understanding some of the background
(sorry for not being up to speed, I don't have time to research this
today and I'm away tomorrow so my replies may be slow).

Can you explain to me what the passwords in question are used for?

Thanks.

-- 
Josh Bressers / Red Hat Product Security Team



More information about the Devel mailing list