Wayne Willcox schrieb:
On Tue, Dec 06, 2005 at 02:58:15PM -0500, Jim Drash wrote:
Don't put the user names or passwords in the script put them in a file
only readable by SYSTEM
> that would not solve the requirement of protecting the passwords
> if the disk was stolen. The scripts are supposedly already
> readable by system and admin only.
>
That's exactly what I mean (they are already readable by SYSTEM and
admins only).
If the disk is stolen, it would add some extra time before the password
is compromised.
Someone gave a clue here:
http://cygwin.com/ml/cygwin/2005-12/msg00181.html
"instead of storing them plaintext, why don't you try encoding them via
cryptographic hashes - md5, sha1, tiger and the like."
But I don't really know where to start (which tool should I use for it?)
--
Tomek
http://wpkg.org
WPKG - software deployment and upgrades with Samba
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
