Re: Minimising windows installer password confusion
| От | Craig Ringer |
|---|---|
| Тема | Re: Minimising windows installer password confusion |
| Дата | |
| Msg-id | 4FD92640.7090707@postnewspapers.com.au обсуждение исходный текст |
| Ответ на | Re: Minimising windows installer password confusion (Dave Page <dpage@pgadmin.org>) |
| Список | pgsql-hackers |
On 06/13/2012 05:10 PM, Dave Page wrote: > The idea of storing the password in clear text in the registry gives > me nervous twitches. Me too. It's horrible, and I really dislike the idea. I can't imagine that Microsoft don't have a better solution to this. I talked to some Microsoft people at an event yesterday, and they said that they just don't use completely isolated user accounts for services. Microsoft's services install into the three standard service access levels: LocalService NetworkService LocalSystem as mentioned: http://msdn.microsoft.com/en-us/library/ms143504.aspx http://msdn.microsoft.com/en-us/library/windows/desktop/ms686005(v=vs.85).aspx ... so maybe the answer is that we're trying to do it too UNIX-ish (ie: securely) and we should by default use the NetworkService, allowing users to change the service account if they want to as an advanced feature. Personally I think that'd be better than the current situation, which is not user friendly, and has a much lower squick-factor than storing passwords in the registry. This'd also solve issues with other Pg installs; we just switch smoothly over to installing in NetworkService by default, giving users a radiobox to switch to "custom service user account" where the name "postgres" is prefilled. -- Craig Ringer POST Newspapers 276 Onslow Rd, Shenton Park Ph: 08 9381 3088 Fax: 08 9388 2258 ABN: 50 008 917 717 http://www.postnewspapers.com.au/
В списке pgsql-hackers по дате отправления: