Bug 163502 - db connection password is stored in clear text in driver template [message #26114] |
Mon, 05 February 2007 18:19 |
Eclipse User |
|
|
|
Originally posted by: brianf.sybase.com
Hi all...
https://bugs.eclipse.org/bugs/show_bug.cgi?id=163502
We are considering a solution to this bug but would like to get some
feedback before implementing it. The problem is that the driver template,
which can specify user ID and password defaults, is specified in plugin.xml
and unencrypted. The two options that are being floated around are:
1) Suggest that people not include the default password as a property in
their driver template, since it is not encrypted.
2) In the Driver Edit dialog, where the driver template properties are
listed with their defaults, we should remove the masking for the password
property to show more clearly that it is unencrypted.
What do you think about removing the masking of the password for driver
definitions? The encryption and password masking would stay in place for
profiles, which are minimally encrypted at this point. But we would show the
password (if included) for driver templates in plaintext.
Thanks in advance.
--Brian Fitzpatrick
Sr. Software Engineer/DTP Committer
Sybase, Inc.
|
|
|
Powered by
FUDForum. Page generated in 0.02613 seconds