Re: Config file upgrade from 2.4.2p2 to 2.5.1p3
2007-07-05 04:24:59
Olivier Nicole schrieb:
Because this file contains clear text high priviledge password for the
Windows machines.
But it also contains cleartext passwords if you use a 100 character password.
There's nothing more secure by doing that.
Any leakage of this file would provide access to any Windows machine
in the network, so it is better to have the password not clear.
Then you better think about your security policy, instead of doing obscoure
things with long passwords. It someone can read the content of the file, then
it doesn't matter if you have a 8 or 100 character password.
What about having a special backup user in your domain, that is inserted in
the workstations "Backup operators" group when it's a workstation you wanna
backup (not all). Also set up a policy to disallow local logon for that
group/user.
Also make sure that no one can access your backup server except the
administrators. Also sometimes change the password of that backup domain user
(and in that file).
I think, that are much better ways to secure your system instead of a long
plain text password that also everybody can read.
Regards
Marc
--
Marc Muehlfeld (Leitung Systemadministration)
Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost
Lochhamer Str. 29 - D-82152 Martinsried
Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78
http://www.medizinische-genetik.de
|
|
|