[rt-users] Securing /opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm

Jesse Vincent jesse at bestpractical.com
Sun Sep 19 10:21:32 EDT 2010


> > Solutions like "well make the file only readable by root" aren't going to
> > be accepted (not by me, but by our security team). Needs to be a hashed
> > password, may be, or something.. I don't know.. soliciting ideas.
> >

When people talk about hashes, they are _typically_ talking about
one-way functions. You can tell if two passwords hash to the same thing, 
but can't typically reverse a hashed password into usable credentials.

Have you tried asking your security people for recommendations? Presumably
they have a way they'd like you to do this.



More information about the rt-users mailing list