Hi again, I saw that my previous email (below) got mangled after my web-mailer newly defaults to HTML format.
Following up, I want to let you know that I now opened a PR: https://github.com/OSGeo/gdal/pull/6797 in order to address the issue I encountered with login credentials on the command line, when connecting to MS SQL without TrustedConnection. I am no C++ dev, so any feedback would be greatly appreciated. On my dev setup I currently have no access to MS SQL, so I have not tested the logic yet, but plan to do so early next week. Feedback, on the principle implementation, obvious coding mistakes or documentation and the like can be addressed also before... Kind regards, and thanks for keeping GDAL great! Stefan Gesendet: Montag, 21. November 2022 um 15:26 Uhr Von: "Stefan Blumentrath" <stefan.blumentr...@gmx.de> An: gdal-dev@lists.osgeo.org Betreff: [gdal-dev] MSSQL ODBC and password security Hi, recently I have been struggling with secure handling of my username and password in ODBC connections to MS SQL when using GDAL/OGR. From my understanding, username and password are not read from odbc.ini files, so I cannot specify a DSN where username and password are predefined in that file... So, the only alternatives are a) using trusted connctions and kerberos or b) provide username and password in the connection string. Unfortunately, a) is not available to me. While a file name with username and password is not ideal, providing username and password on the commandline seems worse, as it leaks many places. I guess not reading username and password from odbc.ini is a limitation that originates from unixODBC / FreeTDS. However, it would be great to avoid providing password on the command line in GDAL. If could use environment variables or a passwordfile (like .pgpass with PostgreSQL) that would be great. My question is, did I overlook an option to securly handle login info in MSSQL ODBC connections in GDAL? Cheers Stefan _______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/gdal-dev _______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/gdal-dev
