Participants
guillermo arias
guillermo arias
Magnus Hagander
Magnus Hagander
Attachments
Show all attachments
Thread Outline
#1guillermo ariasguillermo arias
Jan 09, 2007
#2Magnus HaganderMagnus Haganderto guillermo arias (#1)
Jan 09, 2007

PGPASS.CONF ¿is there a way to protect it?

Started by guillermo ariasabout 19 years ago2 messagesgeneral
Jump to latest
#1guillermo arias
guillermo arias
guillermoariast@linuxwaves.com

<DIV style="font-family:Arial, sans-serif; font-size:10pt;"><FONT size="2"><SPAN style="font-family: Arial,sans-serif;">Hello, i am using PostgreSQL 8.2 in a Windows XP pc. I know that this file PGPASS.CONF stores the users with password, but because this is a plain txt file, it is easy for "curious" people to read the contents.<BR>By other way, if i do not write the password there, my users will have to write it when trying to connect to the PostgreSQL, and it is not desirable when i have an application in Windows.<BR>I have to say that my WinXP pc has the C: partition with FAT32, and the J: partition is NTFS. The PostgreSQL engine and database are installed in J:<BR><BR>My question is ¿how can i protect PGPASS.CONF? or if you have another idea for protecting the passwords i will be very thankfull to read it.<BR><BR>bye<BR><BR>Guillermo Arias, Lima- Perú<BR></SPAN></FONT><BR>&nbsp;<BR><HR>Get your FREE, LinuxWaves.com Email Now! --&gt; http://www.LinuxWaves.com&lt;BR&gt;Join Linux Discussions! --&gt; http://Community.LinuxWaves.com&lt;/DIV&gt;

#2Magnus Hagander
Magnus Hagander
magnus@hagander.net
In reply to: guillermo arias (#1)
Re: PGPASS.CONF ¿is there a way to p

guillermo arias wrote:

Hello, i am using PostgreSQL 8.2 in a Windows XP pc. I know that this
file PGPASS.CONF stores the users with password, but because this is a
plain txt file, it is easy for "curious" people to read the contents.
By other way, if i do not write the password there, my users will have
to write it when trying to connect to the PostgreSQL, and it is not
desirable when i have an application in Windows.
I have to say that my WinXP pc has the C: partition with FAT32, and the
J: partition is NTFS. The PostgreSQL engine and database are installed in J:

My question is ¿how can i protect PGPASS.CONF? or if you have another
idea for protecting the passwords i will be very thankfull to read it.

Use NTFS file permissions. If your XP is installed on C:, and you have
FAT32 on C:, you basically have zero security on your system anyway, so
there is not much point in protecting this one file - it'd be trivial to
get that and other data anyway.
Now, if XP is installed on != C:, you can redirect the user profile
directories to the NTFS drive and protect those (check google for help
on how) - but it really makes no sense if XP is on a FAT32 drive. If so,
your only real solution is to convert to NTFS and make sure you get the
proper security set on the files.

//Magnus

← Back to Topics