Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text
From | Joshua Kramer |
---|---|
Subject | Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text |
Date | |
Msg-id | Pine.LNX.4.64.0705231123300.12390@localhost.localdomain |
In reply to | Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text ("Joe Moyle" <jmoyle@paymetric.com>) |
List | pgadmin-support |
Joe,

You took a good first step in setting up authentication to use MD5 by default. Now, (as a new community member) I have a few questions to determine what encrypting the password would accomplish.

What would such an encryption protect against? You can explicitly set the permissions on your Application Data directory to refuse "All Users" read permission; on my WinXP box, the Postgres directory under App Data only explicitly allows access from myself, the Administrator, or SYSTEM. I'm not a Windows expert so I don't know if "read" permissions are implied by virtue of not having "read" restrictions...

So, if you've secured the file so that only you can read it, the next step is to secure the file so that if someone logs in as you and gets the file, they can only see encrypted bytes in the password file. But let me ask - if someone can login as you, can't they login to your PG databases anyway, by virtue of your having saved your passwords?

Even if it were trivial to encrypt the password, we'd have to figure out how to encrypt it securely, because trivial encryption methods are broken easily.

Since pgAdmin is designed to be more of a "maintenance" tool than an "end user" tool, it is considered to be more "protected" from intrusion; compare this with the passwords being sent over the wire, which can be encrypted with MD5 because they are not as protected as a limited-use maintenance tool.

Hope this helps,
-Josh
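Added example, not part of the thread: a PowerShell check that answers the "is read access implied?" question above by listing every ACE on pgpass.conf that is not the current user, SYSTEM or Administrators, and, with a `-Fix` switch of my own, rewrites the ACL to just those principals. The path is libpq's documented Windows location; the `$allowed` list is an assumption about who should hold access.

```powershell
# Added example (not from the thread): inspect and optionally tighten the ACL on
# pgpass.conf. libpq checks pgpass permissions only on Unix (refusing a file that
# is group- or world-readable); on Windows it assumes the directory is secure, so
# the ACL is the only thing keeping the plaintext passwords from other accounts.
param([switch]$Fix)

$PgPass = Join-Path $env:APPDATA 'postgresql\pgpass.conf'
if (-not (Test-Path $PgPass)) { Write-Host "No pgpass.conf at $PgPass"; exit 0 }

$acl = Get-Acl $PgPass
$me  = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# Principals assumed to legitimately need the file. Anything else, including
# the built-in Users group usually inherited from the profile directory,
# is reported as a finding.
$allowed = @($me, 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')

$findings = @()
foreach ($ace in $acl.Access) {
    $who = $ace.IdentityReference.Value
    if ($ace.AccessControlType -eq 'Allow' -and $allowed -notcontains $who) {
        # Inherited ACEs are exactly the "implied" read access asked about above.
        $findings += "{0} has {1} ({2})" -f $who, $ace.FileSystemRights,
            $(if ($ace.IsInherited) { 'inherited' } else { 'explicit' })
    }
}

if ($findings.Count -eq 0) {
    Write-Host "OK: only $($allowed -join ', ') can read $PgPass"
} else {
    Write-Host "Found overly broad access on ${PgPass}:"
    $findings | ForEach-Object { Write-Host "  $_" }
}

if ($Fix -and $findings.Count -gt 0) {
    # Stop inheriting from the parent directory, drop the explicit ACEs and
    # grant access only to the allowed principals.
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($ace in @($acl.Access)) { [void]$acl.RemoveAccessRule($ace) }
    foreach ($p in $allowed) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $p, 'FullControl', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $PgPass -AclObject $acl
    Write-Host "ACL rewritten; re-run without -Fix to verify."
}
```

Run it once without `-Fix` to see what the profile directory passed down; the same check applied to the `postgresql` directory itself tells you whether the directory-level fix the message describes actually removed the inherited entries.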