On Tue, Dec 06, 2005 at 08:36:07PM +0100, Tomasz Chmielewski wrote: >Svend Sorensen schrieb: >>On 12/4/05, nidhog <[EMAIL PROTECTED]> wrote: >> >>>On 12/4/05, Christopher Faylor <[EMAIL PROTECTED]> >>>wrote: >>> >>>>On Sun, Dec 04, 2005 at 12:20:57PM +0100, Tomasz Chmielewski wrote: >>>> >>>>>I have a little open-source project, which eases Windows administration >>>>>a bit. >>>>> >>>>>In some of the scripts, I use usernames and passwords (to get to a >>>>>password-protected network share etc.). >>>>>Because they are scripts, username and password is in plain. >>>>> >>>>>Although the script files are only readable by SYSTEM and >>>>>Administrators, if a disk is stolen, someone could easily get the >>>>>passwords by doing simple "grep -r password ./*". >>>>> >>>>>Do you know some tool which could "encode" scripts? >>> >>>instead of storing them plaintext, why don't you try encoding them via >>>cryptographic hashes - md5, sha1, tiger and the like. >> >> >>How is the script going to get the plaintext password if all it has is >>a one way hash? > >I don't really care, perhaps it won't be any one way hash anyway. > >It is to be a measure to prevent an accidental viewing of >usernames/passwords rather than some "military grade" tool which takes >100 years to break on a supercomputer.
So, in that case, someone has already made a suggestion: http://cygwin.com/ml/cygwin/2005-12/msg00181.html -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/