On 02/14/2011 04:18 PM, Richard Kenner wrote:
Who are you hiding them from? Anyone with access to the Asterisk server
can already do far more damage than extracting these passwords.
You may (like we do) want to store config files in a version control system
in a common repository. People who have access to that repository don't
necessary have access to the Asterisk server.
Then either the passwords are in the config files (and version
controlled), or they are not (and not version controlled). There is no
other practical alternative... because any method of obscuring the
password can be un-done by a motivated person. The only question is
their level of motivation :-)
--
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
skype: kpfleming | jabber: kflem...@digium.com
Check us out at www.digium.com & www.asterisk.org
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
