[Zope] Secure database access
Dario Lopez-Kästen
dario@ita.chalmers.se
Thu, 2 May 2002 08:14:32 +0200
From: "Toby Dickenson" <tdickenson@geminidataloggers.com>
> Yes, that is the key difference that makes your proposed topology secur=
e.
>
> > However, I would be surprised
> >if the Oracle client software would transmit plaintext
> >passwords. Surely not in this day and age!
>
> I didnt mean the password that zope provides to oracle, but rather the
> passwords that your users provide to zope (via apache). Yes, they are
> plaintext.
>
and actualy, unless you use Oracle's Advanced Networking Option, SQL*Net
will not encrypt anything...
/dario
- --------------------------------------------------------------------
Dario Lopez-Kästen, dario@ita.chalmers.se IT Systems & Services
System Developer/System Administrator Chalmers University of Tech.