The RODBC package retains the unencrypted user ID and
password used on the odbcConnect() statement as part
of the database object. This unencrypted user ID and
password are then saved with the .RData and .RHist
files where they can potentially be discovered by
other users.
To recreate:
0) R version is 2.2.0 with corresponding download of
RODBC package
1) library(RODBC)
dbhandle<-odbcConnect("dbname",uid="user",pwd="")
2) display the user ID and password with
dbhandle
3) Quit
q()
4) Respond "Y" to the save data prompt
5) Edit the .Rdata file and search for the user name
and/or the password.
______________________________________________
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel
