[wpkg-users] WPKG Client settings
Berge Schwebs Bjørlo
berge at trivini.no
Fri Apr 3 11:57:47 CEST 2009
On Fri, Apr 03, 2009 at 10:52:13AM +0200, Tomasz Chmielewski wrote:
> Sure - with proper privilege level, time and resources, no password is
> secure.
True, but for strong passwords, this is only given enough time (where
"enough" can have very high values).
Even so, WPKG Client needs to access its %SOFTWARE% share credentials in
plain text somehow, so no amount of encryption will help if you can access
the same data with the same privileges as WPKG Client.
> That's why it's best to:
> - use SYSTEM account for executing processes started by WPKG Client
> - use credentials which only allow access to your %SOFTWARE% share (but
> don't allow to log in)
Indeed, I agree. However, my point was as to where to store the %SOFTWARE%
share credentials, and obscuring them is not a security measure, as they need
to be available in plain text at some point anyway.
> Even better yet, with the latest testing release of WPKG Client, it is
> possible to connect to a share with computer credentials. However, I'd like
> to get more feedback about it (if/how it works).
I haven't tried it, but it sounds interesting. I'll give it a spin and report
back on it over easter, I guess.
Cheers,
-B
--
Berge Schwebs Bjørlo
Alegría!
More information about the wpkg-users
mailing list