This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On 12/4/05, nidhog <nidhog@gmail.com> wrote:
On 12/4/05, Christopher Faylor <cgf-no-personal-reply-please@cygwin.com> wrote:
On Sun, Dec 04, 2005 at 12:20:57PM +0100, Tomasz Chmielewski wrote:
I have a little open-source project, which eases Windows administration a bit.
In some of the scripts, I use usernames and passwords (to get to a password-protected network share etc.). Because they are scripts, username and password is in plain.
Although the script files are only readable by SYSTEM and Administrators, if a disk is stolen, someone could easily get the passwords by doing simple "grep -r password ./*".
Do you know some tool which could "encode" scripts?
instead of storing them plaintext, why don't you try encoding them via cryptographic hashes - md5, sha1, tiger and the like.
How is the script going to get the plaintext password if all it has is a one way hash?
-- Tomek http://wpkg.org WPKG - software deployment and upgrades with Samba
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |