Re: [Dbmail] Database password encryption in dbmail.conf

Wed, 27 Jun 2018 11:56:40 -0700

That is correct. I was looking to secure DB access by encrypting the credentials in the configuration file.
I know about setting permissions, but that is quite a lightweight and ineffective measure. 


Unix sockets implies a single tier hardware deployment. That as well 
does not suit the multi-tiered, firewall protected deployment to protect 
the Database tier. Clearly if I protect the DB tier, and then write the 
password in clear in the configuration file of the tier directly exposed 
to users, then the security of the DB is also reduced.


This is a security issue.


On 27/06/18 07:23, Thomas Raschbacher wrote:


Hi.


I think Mauro meant if it is possible to have the Database credentials 
themselves encrypted in dbmail.conf. - To answer that: I don't think 
that is possible, but if you configure permissions properly (0600 or 
maybe 0660 then noone but the dbmail user and root should have access 
to it) - or depending on which Database you use you could look into 
using unix sockets instead of tcp/ip


Regards

On 2018-06-25 08:24, Andrea Brancatelli wrote:


Password encryption is mostly transparent on the application side, 
you just have to choose an encryption method when you create an user 
with dbmail-users - the password will be encrypted on the db and 
DBMail will handle it transparently.


---
*Andrea Brancatelli *

On 2018-06-23 14:05, Mauro Mozzarelli wrote:

    Hi All,


    I am new to this list, thus apologies if the question was asked before.

    How do I configure securely the database authentication credentials in

    dbmail.conf?


    Is there a way to encrypt the password?


    Thank you in advance,

    Mauro

    _______________________________________________
    DBmail mailing list
    DBmail@dbmail.org <mailto:DBmail@dbmail.org>
    http://lists.nfg.nl/mailman/listinfo/dbmail


_______________________________________________
DBmail mailing list
DBmail@dbmail.org <mailto:DBmail@dbmail.org>
http://lists.nfg.nl/mailman/listinfo/dbmail





_______________________________________________
DBmail mailing list
DBmail@dbmail.org
http://lists.nfg.nl/mailman/listinfo/dbmail



_______________________________________________
DBmail mailing list
DBmail@dbmail.org
http://lists.nfg.nl/mailman/listinfo/dbmail






















					Reply via email to