[Zope-DB] Plaintext Password Concerns

Jim Penny jpenny@universal-fasteners.com
Thu, 15 May 2003 16:40:27 -0400


On Thu, May 15, 2003 at 04:00:41PM -0400, David A. Riggs wrote:
> Our University would like to give out Zope accounts for
> groups of students so they may experiment and work on
> various projects. One key feature that people would like
> to use is connectivity to a PostgreSQL database.
> 
> We take security very seriously and would like some way
> around storing plaintext passwords in the connection
> strings for the Psycopg Database Connectors. Has anyone
> come up with some alternative to this or a solution to
> this possible security hazard?
> 
> 
> David A. Riggs
> lukewarm@ultrasoul.com
> West Virginia University CS/EE
> 

Two Answers:

1)  It is OK that users share the connections to postgresql.

  Put the psycopgda in the root of your Zopes, and build a separate
  folder for each user.   Do not allow them to view root.  That should
  be enough.

2)  Each user gets a separate database and thus requires a separate
    connection.

  Build a separate folder for each user.  Put the database connector in
  that folder.  Deny the user the right to view this folder.  Now put
  another folder, say sandbox, inside the user's folder.  Grant the user
  admin rights to this folder.  Use rewrite rules so that
  http://host/userid is remapped to http://host/userid/sandbox.
  This should be plenty.

Jim Penny
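
The rewrite step in answer 2 could look like the following. This is an added example, not part of the original post. It assumes Apache with mod_rewrite and mod_proxy in front of Zope, Zope listening on 127.0.0.1:8080, a VirtualHostMonster object in the Zope root, and the constructed host name www.example.edu; none of these are named in the post.

```apache
# Added example; the host name, port and front-end choice are assumptions.
<VirtualHost *:80>
    ServerName www.example.edu
    RewriteEngine On

    # Map each account URL onto that account's sandbox folder:
    #   /userid        -> /userid/sandbox
    #   /userid/a/b    -> /userid/sandbox/a/b
    # The account id is limited to one path segment of conservative
    # characters, so nothing else can be captured as $1.
    # VirtualHostRoot makes the sandbox the apparent site root, and
    # _vh_$1 keeps /userid in the URLs that Zope generates.
    RewriteRule ^/([A-Za-z0-9_-]+)(/.*)?$ \
        http://127.0.0.1:8080/VirtualHostBase/http/www.example.edu:80/$1/sandbox/VirtualHostRoot/_vh_$1$2 [P,L]

    # Requests that do not match an account path are refused instead of
    # being passed through to the Zope root.
    RewriteRule ^ - [F]
</VirtualHost>
```

The rewrite is a URL mapping, not an access control. The connector stays protected by the permissions set on the user's folder as described in the post.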