[rt-users] Securing /opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm
Jesse Vincent
jesse at bestpractical.com
Sun Sep 19 10:21:32 EDT 2010
> > Solutions like "well make the file only readable by root" aren't going to
> > be accepted (not by me, but by our security team). Needs to be a hashed
> > password, may be, or something.. I don't know.. soliciting ideas.
> >
When people talk about hashes, they are _typically_ talking about
one-way functions. You can tell if two passwords hash to the same thing,
but can't typically reverse a hashed password into usable credentials.
Have you tried asking your security people for recommendations? Presumably
they have a way they'd like you to do this.
More information about the rt-users
mailing list