[asterisk-users] Hide the plain text password
Kevin P. Fleming
kpfleming at digium.com
Mon Feb 14 16:28:23 CST 2011
On 02/14/2011 04:18 PM, Richard Kenner wrote:
>> Who are you hiding them from? Anyone with access to the Asterisk server
>> can already do far more damage than extracting these passwords.
>
> You may (like we do) want to store config files in a version control system
> in a common repository. People who have access to that repository don't
> necessary have access to the Asterisk server.
Then either the passwords are in the config files (and version
controlled), or they are not (and not version controlled). There is no
other practical alternative... because any method of obscuring the
password can be un-done by a motivated person. The only question is
their level of motivation :-)
--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
skype: kpfleming | jabber: kfleming at digium.com
Check us out at www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list