In 3.0RC4 we’re planning to encrypt the password in the properties file so it’s not human-readable.
Yup, noted, that’s a great improvement.
I talked to our security guys and they confirmed that everyone is right
If someone is an admin on the box then there is always a way they can get around anything you put in place - for example they can copy the entire database off to somewhere else and brute force it in their own time…for really (spook) secure systems they use multiple tokens etc etc
but
it is not best-practise to leave passwords in plain text on any system as it makes comprimising the data just so much easier without much effort or any audit trail
so
encrypting the passwords in 3.0 RC4, is a great improvement in system integrity and makes the system conform to accepted standards for most IT (non-military) systems.
Thanks to all for the contributions.
We will utilise the 3.0RC4 in our furture developments in Servoy to take advantage of this improvement.
Regards
Al.
Jan Blok:
In the property file we now encrypt the values for the keys containing the string “password” with keystore keys (can be default SSL one)
When you setup your database connections with the default keystore and later you decide to get your own SSL certificate what happens with the already encrypted properties file?
You need to type in all the passwords again or do you have a nice and easy migration-procedure for this?
yes you have to type them again
Thanks, I just wanted to clear that up here on the forum because I am certain this will generate a lot of questions when people start changing keys.
This new feature of encrypted passwords is nice, but the OS administrator can still start up the server with stacktrace on and then all non encrypted connectiondata, inclusing the DB passwords is still shown in the console and written to the logfile.
Paul
I’m not sure if any drivers do log this … but if they do … well there are more reasons explained why I said it’s “much safer” but not absolutely secure.
Someone with bad intentions can get far when having access at the server itself.
Looks to me Servoy does the logging, but I might be wrong:
2006-09-06 10:16:21,937 DEBUG [TaskExecuter[0]] com.servoy.j2db.util.Debug - driver=com.sybase.jdbc2.jdbc.SybDriver@d0570e
2006-09-06 10:16:21,937 DEBUG [TaskExecuter[0]] com.servoy.j2db.util.Debug - url=jdbc:sybase:Tds:localhost:2638?ServiceName=servoy_repository&CHARSET=utf8
2006-09-06 10:16:21,937 DEBUG [TaskExecuter[0]] com.servoy.j2db.util.Debug - connectionProperties={user=DBA, password=SQL}
Paul
Good point!, will be corrected in Servoy 3.0 rc5