The other we normally do is fix the mysql user so that the user can only connect to a given db on a given host (e.g. maildb on localhost) and that is the only way to connect to that db other than as root.
-- Jason > -----Original Message----- > From: Serge Knystautas [mailto:[EMAIL PROTECTED] > Sent: 10 September 2003 14:42 > To: James Users List > Subject: Re: Securing JAMES database connections > > > Steve Brewin wrote: > >>Just make make config.xml readable only by the account running the > >>James > > server. > > > > Works fine technically. The trouble is that copies of files > containing > > secure information do proliferate - as backups, in test > environments, > > in support requests, etc. Having sensitive information, such as > > passwords, encrypted gives a level of protection in such cases. > > Every application that connects to the database has the same > issue. I > don't know of any web-app containers (Java or Python or Perl > or PHP or > any other language) that does anything special about storing > the account > information, unless you want to do everything on NT and do trusted > connections. > > -- > Serge Knystautas > President > Lokitech >> software . strategy . design >> > http://www.lokitech.com p. 301.656.5501 e. > [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
