[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [dtp-dev] BZ Bug 163502 - db connection password is stored in clear text
|
Hi
I vote to have the field removed and leave the implementation of
capturing that info to the DTP extender.
Anthos
On 06/02/2007, at 6:03 AM, rcernich@xxxxxxxxxx wrote:
Hey all,
https://bugs.eclipse.org/bugs/show_bug.cgi?id=163502
We are considering a solution to this bug but would like to get some
feedback before implementing it. The problem is that the driver
template, which can specify user ID and password defaults, is
specified in plugin.xml and unencrypted. The two options that are
being floated around are:
1) Suggest that people not include the default password as a
property in their driver template, since it is not encrypted.
2) In the Driver Edit dialog, where the driver template properties
are listed with their defaults, we should remove the masking for the
password property to show more clearly that it is unencrypted.
What do you think about removing the masking of the password for
driver definitions? The encryption and password masking would stay
in place for profiles, which are minimally encrypted at this point.
But we would show the password (if included) for driver templates in
plaintext.
I think it's important to point out that this information is used
solely
for initializing fields in the new connection profile wizard. The
initial
use case was to have these values (UID/PWD) defaulted to well known
(i.e.
documented) values. For example, the uid/pwd for a sample DB
included as
part of the install; or, less likely, the default admin uid/pwd for a
server (e.g. "sa"/"" for ASE). It was not intended for specifying
specific
credentials for a specific user (although it can be, which I think
is part
of the problem).
Anyway, my vote would be to remove the password field. If this
isn't the
"winning" proposition, I think the property name should be changed to
"Default password" (as should the other properties in the driver
definition; i.e. they should be prefixed with "default").
Rob
_______________________________________________
dtp-dev mailing list
dtp-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dtp-dev