[Engine-devel] Dropping encryption of database password

Alon Bar-Lev alonbl at redhat.com
Wed May 1 18:40:13 UTC 2013



----- Original Message -----
> From: "Keith Robertson" <kroberts at redhat.com>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: "Josh Bressers" <bressers at redhat.com>, "Juan Hernandez" <jhernand at redhat.com>, "engine-devel"
> <engine-devel at ovirt.org>, "pmatouse" <pmatouse at redhat.com>, "Sandro Bonazzola" <sbonazzo at redhat.com>
> Sent: Wednesday, May 1, 2013 9:31:15 PM
> Subject: Re: [Engine-devel] Dropping encryption of database password
> 
> On 05/01/2013 02:16 PM, Alon Bar-Lev wrote:
> > Thank you.
> > This is what I wrote in my initial post.
> > The only users who should access this password is ovirt user and root user.
> >
> > Regards,
> > Alon Bar-Lev.
> >
> >> >
> Alon,
> I agree with the desire to store the PW in plaintext and in a
> non-obfuscated manner.  In this case, obfuscation really doesn't gain
> anything.
> 
> I would suggest; however, that the migration to plaintext be coordinated
> with a simultaneous patch to the the Log Collector.  It does have a
> dependency on the current architecture.
> 
> Keith
> 

Hi,

As far as I know it reads the plain text from .pgpass, we need to modify it to search within the alternate format as well.

Thanks,
Alon



More information about the Devel mailing list