-
Type:
Technical Work
-
Resolution: Duplicate
-
Priority:
Blocker
-
Affects Version/s: 1.0.0-M2
-
Component/s: Distribution Packaging, Security
-
None
External system credentials (such as database) are stored in clear text in configuration files for deployed applications. Several options exist to mitigate the risk:
1) Ensure tight file permissions are applied to the configuration files in each deployment. The documentation should be updated to reflect this need.
2) Encrypt the values in files and do the decryption on application start up.
1) Ensure tight file permissions are applied to the configuration files in each deployment. The documentation should be updated to reflect this need.
2) Encrypt the values in files and do the decryption on application start up.
- duplicate of
-
GTWY-642 Database credentials are stored in clear text in source files.
-
- Done
-