[rt-users] Securing /opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm

Val Polyakov val at polyakov.me
Wed Sep 15 15:51:51 EDT 2010


Plaintext.

But that doesn't matter - because it's an RT db, with nothing else on it.
Security has no problem with it.

They only have a problem with storing the domain account credentials in
plaintext.

--Val

>   On 09/15/2010 12:52 PM, Val Polyakov wrote:
>> Hello,
>>
>> what are our options as far as securing RT_SiteConfig.pm goes?
>>
>> My company has pretty strict security requirements, and our security team
>> will simply not allow us to store the ldap username/password in a plain
>> text file on the RT server (and I can fully understand their concerns).
>>
>> What are some options here? Again, keeping in mind that the requirement is
>> for the password (at least the password, that is) to NOT be plaintext in
>> RT_SiteConfig.pm
>>
>> Solutions like "well make the file only readable by root" aren't going to
>> be accepted (not by me, but by our security team). Needs to be a hashed
>> password, maybe, or something.. I don't know.. soliciting ideas.
>>
>> --Val
> How are you storing the database userid and password in that case?
>
> Jeff