johnf wrote: > On Monday 10 December 2007 02:50:04 pm Ricardo Aráoz wrote: >> johnf wrote: >> (snip...) >> >>> Right off the bat let me say the easiest way to setup a connection is to >>> use the “CxnEditor.py” app. It works and and is a great example of Dabo >>> eating it's own dog food (CxnEditor was created using Dabo). I use it >>> for my projects and if there was a better way - I'd use it. But it >>> really does not do much (all the real work is done in the framework). >>> CxnEditor creates a XML file that contains the parameters required by the >>> python connection interface that applies to your database. Like user >>> name, password, host, database name or anything else that is needed to >>> allow a database connection. >> Hi, so CxnEditor creates a XML file. Now you have in an ASCII file your >> sensitive information (user, password - of course it will be a user with >> append/update/delete rights) for anyone to see. My question is, how >> would you manage the database security? >> >> TIA > > Currently, there is little real security. Although the password has > encryption. However, it is very easy to subclass the login.py routines and > add real security and still use the XML files. But for the purposes of the > tutorial what CxnEditor provides is enough. > > But here's a question. What are you using for database security? I have > seen ODBC connections that use 'sa' and the same password for everyone that > used the program. I have seen RSA key fobs that cost a $100.00 for each > seat. What would you like to see in Dabo? >
Was thinking about something that combines a user given password with "something else" to obtain the DB password, nothing too fancy, though I guess I would have to find a way to obscure the "something else". _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/dabo-users Searchable Archives: http://leafe.com/archives/search/dabo-users This message: http://leafe.com/archives/byMID/dabo-users/[EMAIL PROTECTED]
