Re: [Gnumed-devel] Re: bootstrap*

[Karsten Hilbert]

> > 3. You can store passwords for postgres and gm-dbowner as clear-text in
> > the .conf file which impairs security.
> I had some private discussion with Karsten about this topic when I tried
> to build Debian-packages from Gnumed.  My preliminary work can be
> found at
> 
>       http://people.debian.org/~tille/packages/gnumed/
> 
> PLEASE NOTE THE BOTTOM OF THIS PAGE and make sure that you understand
> that these are not yet finished packages.

> Back to the topic of passwords.  At least the Debian flavour of
> PostgreSQL has the authentification method "auth"

>    So I did the bootstrap shell script via
> 
>    su - postgres -c "/usr/sbin/bootstrap-gm_db_system.py 
> --log-file=${LOGFILE} \
>         --conf-file=/etc/gnumed/bootstrap-gm_db_system.conf"
> 
>    which enabled me to leave the password for postgres user blank (which
>    reduces the number of passwords to store or type in by one).
> 
> The problem with the password of gm-dbowner remains.  I had quite a
> hacking solution on the harddisk of my Laptop which completely lost
> all data yesterday (well it was just the work of 1 hour, so no big
> desaster - but this hack is gone away).  I decided just to start a
> discussion about the right way to handle this problem.

Andreas,

would it be acceptable to pass in passwords via the
command line ?

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346