Обсуждение: PGPASS.CONF ¿is there a way to protect it?
Hello, i am using PostgreSQL 8.2 in a Windows XP pc. I know that this file PGPASS.CONF stores the users with password, but because this is a plain txt file, it is easy for "curious" people to read the contents.
By other way, if i do not write the password there, my users will have to write it when trying to connect to the PostgreSQL, and it is not desirable when i have an application in Windows.
I have to say that my WinXP pc has the C: partition with FAT32, and the J: partition is NTFS. The PostgreSQL engine and database are installed in J:
My question is ¿how can i protect PGPASS.CONF? or if you have another idea for protecting the passwords i will be very thankfull to read it.
bye
Guillermo Arias, Lima- Perú
Get your FREE, LinuxWaves.com Email Now! --> http://www.LinuxWaves.com
Join Linux Discussions! --> http://Community.LinuxWaves.com
By other way, if i do not write the password there, my users will have to write it when trying to connect to the PostgreSQL, and it is not desirable when i have an application in Windows.
I have to say that my WinXP pc has the C: partition with FAT32, and the J: partition is NTFS. The PostgreSQL engine and database are installed in J:
My question is ¿how can i protect PGPASS.CONF? or if you have another idea for protecting the passwords i will be very thankfull to read it.
bye
Guillermo Arias, Lima- Perú
Get your FREE, LinuxWaves.com Email Now! --> http://www.LinuxWaves.com
Join Linux Discussions! --> http://Community.LinuxWaves.com
guillermo arias wrote: > Hello, i am using PostgreSQL 8.2 in a Windows XP pc. I know that this > file PGPASS.CONF stores the users with password, but because this is a > plain txt file, it is easy for "curious" people to read the contents. > By other way, if i do not write the password there, my users will have > to write it when trying to connect to the PostgreSQL, and it is not > desirable when i have an application in Windows. > I have to say that my WinXP pc has the C: partition with FAT32, and the > J: partition is NTFS. The PostgreSQL engine and database are installed in J: > > My question is ¿how can i protect PGPASS.CONF? or if you have another > idea for protecting the passwords i will be very thankfull to read it. Use NTFS file permissions. If your XP is installed on C:, and you have FAT32 on C:, you basically have zero security on your system anyway, so there is not much point in protecting this one file - it'd be trivial to get that and other data anyway. Now, if XP is installed on != C:, you can redirect the user profile directories to the NTFS drive and protect those (check google for help on how) - but it really makes no sense if XP is on a FAT32 drive. If so, your only real solution is to convert to NTFS and make sure you get the proper security set on the files. //Magnus