gnumed-devel

Re: [Gnumed-devel] Approaches to provide adequate security


From: Karsten Hilbert
Subject: Re: [Gnumed-devel] Approaches to provide adequate security
Date: Tue, 2 May 2006 13:13:27 +0200
User-agent: Mutt/1.5.11+cvs20060403

On Tue, May 02, 2006 at 10:14:28AM +1000, Tim Churches wrote:

> > - is it built-in or easily added to GNUmed to be able to specify
> > minimum requirements for a valid password? Presumably these are stored
> > encrypted so that while an administrator could over-write a password,
> > they could not know the actual password that had been used?
> 
> PG stores passwords in salted hash form (there is a config option for
> what sort of hash, I think - MD5 is default, which is fine) but it would
> be up to GNUmed to enforce rules on passwords (assuming GNUmed
> supervises password set-up and changing).
It does have user management functions so it could. However,
managing users is not limited to being done through a GNUmed
client. All in all the final repository of a password would
have to reject it if it's too weak according to the setup -
which can be achieved by having PostgreSQL use PAM and
configuring PAM to check passwords.

> Yes, you really should encrypt database dumps before storing them on
> removable media, which is particularly vulnerable to loss or theft (eg
> from briefcases left in cars etc). Using a public/private key pair with
> gpg (GnuPG) works well because you don't need to store the private key
> on the server where the db dumps will be encrypted, just the public key.
Good idea.

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346
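
The public-key backup scheme discussed in this message, as an added shell example (not code from the thread or from GNUmed): `pg_dump` is streamed straight into `gpg` so that only the recipient's public key is needed on the database server. The function name, its three arguments and the output file naming are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original message. DBNAME, RECIPIENT and OUTDIR
# are caller-supplied assumptions; pass RECIPIENT as a full key fingerprint.

# backup_encrypted DBNAME RECIPIENT OUTDIR
# The body runs in a subshell "( ... )" so umask and variables stay local.
backup_encrypted() (
    db=$1 recipient=$2 outdir=$3
    if [ -z "$db" ] || [ -z "$recipient" ] || [ ! -d "$outdir" ]; then
        echo "usage: backup_encrypted DBNAME RECIPIENT OUTDIR" >&2
        exit 2
    fi
    # Only the public key is needed here; the private key stays off the server.
    if ! gpg --batch --list-keys "$recipient" >/dev/null 2>&1; then
        echo "no public key for $recipient in keyring" >&2
        exit 3
    fi
    umask 077
    out="$outdir/$db-$(date +%Y%m%d-%H%M%S).dump.gpg"
    tmp="$out.partial"
    failed="$out.failed"
    rm -f "$failed"
    # Stream the dump into gpg so no plaintext copy is written to disk.
    # The marker file records a pg_dump failure that the pipe would hide.
    # --trust-model always avoids the interactive trust prompt in batch runs;
    # verify the key's fingerprint when importing it instead.
    if ! { pg_dump --format=custom "$db" || : > "$failed"; } |
        gpg --batch --yes --trust-model always \
            --encrypt --recipient "$recipient" --output "$tmp"
    then
        : > "$failed"
    fi
    if [ -e "$failed" ]; then
        rm -f "$tmp" "$failed"
        echo "dump or encryption failed; no backup written" >&2
        exit 1
    fi
    # Rename only after success so a partial file is never taken for a backup.
    mv "$tmp" "$out"
    printf '%s\n' "$out"
)

# Runs only when given arguments: sh backup.sh DBNAME RECIPIENT OUTDIR
if [ "$#" -ge 3 ]; then backup_encrypted "$1" "$2" "$3"; fi
```

Restoring requires the private key, which can live on a separate machine: decrypt there with `gpg --decrypt` and feed the result to `pg_restore`.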
