Re: RFC: common database policy/infrastracture
On Thu, 16 Dec 2004 14:55:29 +0100 (CET), Andreas Tille <email@example.com> wrote:
> On Thu, 16 Dec 2004, Olaf van der Spek wrote:
> > Because system passwords aren't 'needed' by any applications to
> > authenticate themselves to the system, while database passwords are.
> No, they are not needed in the file system. They are needed inside
> the database and they are save there (assumed that the database server
Yes, but that's the other side of the authentication end. This is
about the client, not the server.
> has no bugs).
> > True, but how many database apps work without storing the password?
> At least these that do authentification directly against the database
> should not store their passwords in an extra file. This is the case
> for the application I'm currently working on (GnuMed) where the
> client does the authentication via user interaction.
Is that the majority or the minority of applications?
Take for example a web application like a forum. It requires the
password so it can connect to the database. It can't/won't ask the
password from the user.