FW: Processing Password Questions

Brian K. White brian at aljex.com
Tue Dec 27 17:14:36 PST 2005


----- Original Message ----- 
From: "Bob Stockler" <bob at trebor.iglou.com>
To: "Filepro-List" <filepro-list at lists.celestial.com>
Sent: Tuesday, December 27, 2005 7:10 PM
Subject: Re: FW: Processing Password Questions


> Gary Olman wrote (on Tue, Dec 27, 2005 at 06:49:18PM -0500):
>
> | You have told me before to use a site password. I guess I am just a 
> little
> | hesitant (also know as wuss).
> | What happens if in the middle of a automatic process the PW is 
> requested.
> | Or when will the PW be asked for. I have a client and I keep a copy of 
> his
> | processes
> | on my computer.  If I use the same site PW on him will I be okay.? I 
> have
> | about 8 fp processes
> | that run one after the other automatically, once the menu item is 
> started.
> |
> | PS I put this up on the fplist, I hope you don't mind
>
> Contrary to Nancy's advice, I advise NOT using site passwords.
>
> I've never seen the need for them, nor their benefit.
>
> On the other hand, I've seen a lot of instances where they were
> only the cause of problems (such as you experienced).
>
> How about a vote here?  All in favor or disfavor of using
> site passwords register your vote.
>
> Bob

I agree with Nancy and specifically for the reasons she stated.

We have always had the same site password installed since the first client 
several years before I came on, all clients get copies of the same fppath 
file (sometimes I edit the first 3 lines of course), and it's never caused a 
problem anywhere, although it has saved us from developing a problem a few 
times exactly the way Nancy described.

If you start off with all files have the same site password, and it's also 
the same as all your other sites, then nothing anywhere asks you for a 
password just as if there were no passwords installed.
Yet if someone changes the site pasword in ignorance, the change cannot go 
unnoticed and cause real problems later by having the wrong password written 
to a lot of files. The worst that can happen is new files can get created 
with the new password. Existing files (which must surely greatly outnumber 
new files) will all be left untouched and restoring a copy of the fppath 
file or using the menu choice to put the old password back manually, or 
copying the 4th line from your own fppath, will fix everything.

We have tons of automatic non-interactive processes on all our sites 
(including the windows sites though now they are a dwindling, almost gone 
number, we used to have many) and the site password causes no unexpected 
prompts or anything.

Also we routinely copy files between sites and ourselves and there is no 
problem.

It's completely transparent. So much so, that I don't even know what our 
site password actually is. Merely the same string of gobbledygook exists in 
all fppath files and all process tables on all sites as a natural  result of 
copy/tar/winzip/winrar/xfer/fpcopy/ftp/rsync etc...


However, if you start off with no site password anywhere in any files, and 
then some ignorant user or programmer stumbles through the menu choice that 
creates a site password, no one notices this very important change. (and it 
does happen occasionally)
After adding the site password, every time a process table is opened and 
saved, cabe nor anything else asks you for a password or alerts you that it 
is now adding one that didn't exist in the file it opened.
So, many files may silently gain a site password before anyone notices.

Thats' a worse problem because it may affect lot's of files and at best be 
tedious to fix on windows, and on unix too if you don't just happen to 
routinely write shell script loops for fun & profit.
Or at worst, files may become totally unrecoverable if any/many managed to 
get resaved without abe=ascii.

Brian K. White  --  brian at aljex.com  --  http://www.aljex.com/bkw/
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro  BBx    Linux  SCO  FreeBSD    #callahans  Satriani  Filk!



More information about the Filepro-list mailing list