[wpkg-users] WPKG Client settings

Berge Schwebs Bjørlo berge at trivini.no
Fri Apr 3 11:57:47 CEST 2009


On Fri, Apr 03, 2009 at 10:52:13AM +0200, Tomasz Chmielewski wrote:
> Sure - with proper privilege level, time and resources, no password is
> secure.

True, but for strong passwords, this is only given enough time (where
"enough" can have very high values).

Even so, WPKG Client needs to access its %SOFTWARE% share credentials in
plain text somehow, so no amount of encryption will help if you can access
the same data with the same privileges as WPKG Client.

> That's why it's best to:
> - use SYSTEM account for executing processes started by WPKG Client
> - use credentials which only allow access to your %SOFTWARE% share (but  
> don't allow to log in)

Indeed, I agree. However, my point was as to where to store the %SOFTWARE%
share credentials, and obscuring them is not a security measure, as they need
to be available in plain text at some point anyway.

> Even better yet, with the latest testing release of WPKG Client, it is
> possible to connect to a share with computer credentials. However, I'd like
> to get more feedback about it (if/how it works).

I haven't tried it, but it sounds interesting. I'll give it a spin and report
back on it over easter, I guess.

Cheers,
-B

-- 
Berge Schwebs Bjørlo
Alegría!



More information about the wpkg-users mailing list