On Fri, Mar 20, 2015 at 07:26:07AM -0400, Kingsley Idehen wrote: > Some of us see the perceived "simplicity" of passwords as the mother > of all vulnerabilities, in a network environment.
We're not using isql over the network, only locally. isql is only used to drive the scripts that configure virtuoso and load data. The scripts themselves are delivered via ssh (typically pubkey auth) and/or puppet over https (with client certs). Actual network data use is over a SPARQL endpoint. Which is read-only. For our usage model, a password-based approach doesn't seem (too) bad. certs are indeed easy to generate. But they require ongoing monitoring and management to deal with cert expiration. I'm happy to deal with that when the security model warrants it, but prefer to avoid it otherwise. > There is an isql-odbc variant of isql which can read passwords from > an INI file. Currently, that's missing from our releases, but it > will be added, following this conversation. Excellent! Thanks. :) - Morty ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Virtuoso-users mailing list Virtuoso-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/virtuoso-users
