[Engine-devel] Dropping encryption of database password
Alon Bar-Lev
alonbl at redhat.com
Wed May 1 15:58:12 UTC 2013
----- Original Message -----
> From: "Josh Bressers" <bressers at redhat.com>
> To: "Eli Mesika" <emesika at redhat.com>
> Cc: "Alon Bar-Lev" <alonbl at redhat.com>, "Juan Hernandez" <jhernand at redhat.com>, "engine-devel"
> <engine-devel at ovirt.org>, "pmatouse" <pmatouse at redhat.com>
> Sent: Wednesday, May 1, 2013 6:40:26 PM
> Subject: Re: [Engine-devel] Dropping encryption of database password
>
> > >
> > > In another words you are for storing password as plain text.... :)
> >
> > If the file is protected , I don't mind that the password is in plain
> > text...
> >
>
> Hi all,
Hello,
> Itamar pointed me at this thread. I'm part of the Red Hat Product Security
> Team, we exist to help various projects and products with security needs
> (such as advice in this instance).
>
> I can't really comment on this without understanding some of the background
> (sorry for not being up to speed, I don't have time to research this
> today and I'm away tomorrow so my replies may be slow).
>
> Can you explain to me what the passwords in question are used for?
The password of the user used to access the database.
Regards,
Alon
>
> Thanks.
>
> --
> Josh Bressers / Red Hat Product Security Team
>
More information about the Engine-devel
mailing list