Security issue with sql.ini

forum.advanced.programming (1998-2005)
Larry Borok

Security issue with sql.ini

Post by Larry Borok » 16 Mar 2005, 00:13

 Posted by:  Larry Borok 

Hi,

I have a data mining app written in TD 2.1 connecting to Oracle. Just sold
it to an insurance company, and they say that the sql.ini in the client
directory violates their security because it is an accessible text file that
has userid/password info to the database. Any suggestions?

Thank you,

Larry Borok

User avatar
Charlie
Canada
Posts: 655
Joined: 07 Mar 2017, 18:52
Location: Fredericton, New Brunswick, Canada

Re: Security issue with sql.ini

Post by Charlie » 16 Mar 2005, 15:16

 Posted by:  Jason Veniot 

G'day,

How about removing the userid/password from SQL.INI and putting them in some
other encrypted file to be read and decrypted by your app. If they don't
like that, then make them enter the user id and password each time they run
the app.

Martin Duty

Re: Security issue with sql.ini

Post by Martin Duty » 17 Mar 2005, 15:30

 Posted by:  Martin Duty 

I agree with your client. Take the password and userid out. Make them login
manually.

Larry Borok

Re: Security issue with sql.ini

Post by Larry Borok » 21 Mar 2005, 18:48

 Posted by:  Larry Borok 

Thanks, Martin. I've taken them out and it works fine.

Larry

Return to “advanced.programming”

Who is online

Users browsing this forum: [Ccbot] and 0 guests