QGIS Security – How to Protect PostGIS Credentials When Using QGIS 1.7

Tags: database, postgis, qgis, security

I'm fairly certain this should be a community wiki, but I don't know how to make it one. So if an admin sees this please change if appropriate.

So… how do you protect your PostGIS database data when using QGIS 1.7? (I am using QGIS 1.7 and PostGIS 1.5)

The reason I ask is that I opened a QGIS project file in Notepad++ to alter the host value in my datasource string, as we recently had a server change its name. When I was editing the project file in Notepad++ I saw, plain as day, the user name and password to the database, as shown below.

    <datasource>dbname='spatialdb' host=gis port=9999 user='generaluser'
                password='gisv13wer' sslmode=disable key='gid'
                table="gisprod"."aq_pipeline" (the_geom) sql=</datasource>

This does seem to be somewhat of a double-edged sword, because I like the fact that I could easily edit the host value in my datasource string so that I didn't lose my projects, but I am uncomfortable with the fact that the database credentials are sitting there unencrypted and for the world to see, so to speak.

As a contingency I've placed all my project files which use my admin account into a folder which now only I can access. But I don't think this is ideal.

As the GIS Administrator I am responsible for the spatial databases' integrity and I am concerned that I have just exposed my whole database to anyone who is curious enough to get in. I'm a bit bummed I missed this when we were evaluating QGIS.

So how do you manage this risk if you are in a similar situation? Is my contingency good enough for a production environment or would I be better off putting in a QGIS feature request to address the problem?

Best Answer

Don't check "Save passwords" (and/or "Save username") in the connection - and QGIS will ask for credentials when it needs them.
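
An added example, not part of the original answer and not QGIS code: a Python audit that finds which `<datasource>` strings in a project file still embed `user=` or `password=`, so that projects saved before those options were unchecked can be located and re-saved. The sample project XML, its `<qgis>` wrapper, the `aq_valve` table and the placeholder password are constructed; only the `<datasource>` string format comes from the question.

```python
import re
import sys
import xml.etree.ElementTree as ET

# key=value pairs in a datasource string; a value is single-quoted or bare.
PAIR = re.compile(r"\b(\w+)=('(?:[^'\\]|\\.)*'|[^\s'\"]*)")
SECRET_KEYS = {"user", "password"}

# Constructed sample: the first layer embeds credentials, the second does not.
SAMPLE_PROJECT = """<qgis>
  <datasource>dbname='spatialdb' host=gis port=9999 user='generaluser'
    password='EXAMPLE-PASSWORD' sslmode=disable key='gid'
    table="gisprod"."aq_pipeline" (the_geom) sql=</datasource>
  <datasource>dbname='spatialdb' host=gis port=9999 sslmode=disable key='gid'
    table="gisprod"."aq_valve" (the_geom) sql=</datasource>
</qgis>"""

def parse_datasource(ds):
    """Return {key: value} for the key=value pairs, quotes stripped."""
    pairs = {}
    for key, raw in PAIR.findall(ds):
        pairs[key] = raw[1:-1] if raw.startswith("'") else raw
    return pairs

def audit_project(xml_text):
    """List datasources that embed a non-empty user name or password."""
    findings = []
    for index, node in enumerate(ET.fromstring(xml_text).iter("datasource")):
        pairs = parse_datasource(node.text or "")
        exposed = sorted(k for k in SECRET_KEYS if pairs.get(k))
        if exposed:
            # Report key names only, so the audit output never repeats a secret.
            findings.append({"index": index, "host": pairs.get("host", ""),
                             "dbname": pairs.get("dbname", ""), "exposed": exposed})
    return findings

if __name__ == "__main__":
    # Pass project files as arguments; with none, the constructed sample is audited.
    sources = sys.argv[1:]
    texts = [(p, open(p, encoding="utf-8").read()) for p in sources] or \
            [("sample", SAMPLE_PROJECT)]
    for name, text in texts:
        for f in audit_project(text):
            print(f"{name}: datasource #{f['index']} ({f['dbname']}@{f['host']}) "
                  f"stores {', '.join(f['exposed'])} in clear text")
```

Any password the audit flags has already been readable by whoever could open the file, so rotate it in addition to re-saving the project without stored credentials.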