RFC-18: Encryption of passwords in mapfiles

Stephen Woodbridge woodbri at SWOODBRIDGE.COM
Tue May 30 12:57:03 EDT 2006


Frank Warmerdam wrote:
> Daniel Morissette wrote:
>> Note that one of the real benefits of this is that it protects the 
>> passwords in backups (as long as the key is not included in the 
> backup), when transferring the mapfile over insecure media, and 
>> prevents plain text passwords from showing up in error messages or log 
>> files (not sure if any password was ever exposed this way though).
> 
> Steve / Daniel,
> 
> GDAL/OGR routinely reports errors and debug messages showing the whole
> connection string for RDBMSs, which typically would have included the
> visible password.  So I think this RFC is most useful for avoiding
> clear-text passwords in error messages and so forth.
> 
> Hmm, but come to think of it, we need to do the password decryption before
> passing the string to OGROpen(), so this isn't going to help for anything
> other than pure mapserver level error message.  Ugg.

Unless you implement encrypted passwords in OGROpen and the decryption 
happens there. I think most databases do NOT show passwords in error 
messages, so maybe you should remove them in OGR error messages.

-Steve

> OK, I'm not *too* excited about this RFC myself.
> 
> Best regards,



More information about the mapserver-dev mailing list
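The thread above names two concrete exposure paths for a mapfile password: Daniel's point that it can surface in error messages or log files, and Frank's observation that GDAL/OGR reports the whole connection string when an open fails. Steve's suggestion is to strip passwords out of OGR's error messages. The following is an added example of that stripping, written for this page; it is not code from MapServer or GDAL. It assumes a key-name list treated as secret (password, passwd, pwd), a token grammar of key=value pairs separated by whitespace or commas with optionally quoted values, and a constructed sample connection string.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Keys whose values are treated as secrets (assumed list, not GDAL's). */
static const char *const SECRET_KEYS[] = { "password", "passwd", "pwd", NULL };

/* Tokens are separated by whitespace (libpq style) or commas (MYSQL: style). */
static int is_sep(char c) { return c == ',' || isspace((unsigned char)c); }

/* Case-insensitive: does the NUL-terminated ref equal the n bytes at key? */
static int key_equals_ci(const char *ref, const char *key, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (ref[i] == '\0' || tolower((unsigned char)ref[i]) != tolower((unsigned char)key[i]))
            return 0;
    return ref[n] == '\0';
}

static int is_secret_key(const char *key, size_t n)
{
    int i;
    for (i = 0; SECRET_KEYS[i] != NULL; i++)
        if (key_equals_ci(SECRET_KEYS[i], key, n))
            return 1;
    return 0;
}

/* Append n bytes to out, refusing to overflow and keeping room for the NUL. */
static int emit(char *out, size_t outsz, size_t *o, const char *s, size_t n)
{
    if (*o + n >= outsz) return 0;
    memcpy(out + *o, s, n);
    *o += n;
    return 1;
}

/*
 * Copy in to out with every secret value replaced by "***".  Values may be
 * bare, or single-/double-quoted with backslash escapes inside the quotes.
 * Returns the number of values redacted, or -1 if out is too small.
 */
int redact_connection_string(const char *in, char *out, size_t outsz)
{
    const char *p = in;
    size_t o = 0;
    int redacted = 0;

    if (outsz == 0) return -1;
    while (*p != '\0') {
        const char *key = p, *val;
        size_t klen;

        while (*p != '\0' && *p != '=' && !is_sep(*p)) p++;
        klen = (size_t)(p - key);
        if (*p != '=') {
            /* Driver prefix ("PG:"), a separator or a stray token: copy as-is. */
            if (!emit(out, outsz, &o, key, klen + (*p != '\0'))) return -1;
            if (*p != '\0') p++;
            continue;
        }
        if (!emit(out, outsz, &o, key, klen + 1)) return -1;   /* key and '=' */
        val = ++p;
        if (*p == '\'' || *p == '"') {
            char q = *p++;
            while (*p != '\0' && *p != q) {
                if (*p == '\\' && p[1] != '\0') p++;            /* escaped char */
                p++;
            }
            if (*p == q) p++;
        } else {
            while (*p != '\0' && !is_sep(*p)) p++;
        }
        if (is_secret_key(key, klen)) {
            if (!emit(out, outsz, &o, "***", 3)) return -1;
            redacted++;
        } else if (!emit(out, outsz, &o, val, (size_t)(p - val))) {
            return -1;
        }
    }
    out[o] = '\0';
    return redacted;
}

int main(void)
{
    /* Constructed sample; the host and credentials are made up. */
    const char *conn = "PG:dbname=gis host=db.example.org user=mapserver password=s3cr3t";
    char safe[256];
    if (redact_connection_string(conn, safe, sizeof safe) < 0) return 1;
    fprintf(stderr, "OGROpen(%s) failed\n", safe);   /* password never reaches the log */
    return 0;
}
```

Two caveats a practitioner would attach. First, redaction at the logging point only closes the error-message path Frank describes; it does nothing for the backup and transfer exposures Daniel lists, which is what the mapfile encryption itself addresses. Second, the decrypted string still has to be handed to OGROpen, so any logging done below that layer (in the driver or the database client library) is outside this function's reach; the quoting rules also differ between drivers, so the grammar here should be matched to the driver actually in use rather than taken as universal.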