08-13-2019
This seems to be a bad plan from the start. Writing passwords anywhere should be avoided. Anyone who can read the code that reads the password can probably just read the password for themselves.
A few questions:-
- Why would your application need to know the password? Does it become the account for certain actions?
- Could you not set up sudo access to allow people to become the account when they need to? This is auditable too.
- Is this a database account or something? You may be able to define it as authorised externally to the database, i.e. the DB trusts the OS validation.
- How would you use the password anyway?
It just seems a bad plan to me (sorry) and we may be able to find a better way that maybe even negates the need to have it changed regularly (i.e locked for password login entirely) so saving the Access Management team a task too.
I'm just confused and want to avoid building a service with exposures.
Robin
8 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
Is it possible to export your saved profiles in F-secure. I have looked in F-secure's documentation, on google, here, and other places and can't seem to figure out how to do it.
It seems like such a simple task... (0 Replies)
Discussion started by: dangral
0 Replies
2. UNIX for Advanced & Expert Users
Hi,
Can I just quick pick everyone brain here about the following:
There is a security audit going on at the company I work for and one of the things that needed to be resolved was that there were a lot of users who don't have a home directory.
As this is a fairly large environment of over... (5 Replies)
Discussion started by: Solarius
5 Replies
3. Linux
Hi,
Can anyone please guide me how can I remove/block a user from a server access.
/usr/sbin/adduser -d /home/john john
echo ****** | passwd --stdin john
I used the above command to add a user "john". How do I delete and block john.
Appreciate your responses. (1 Reply)
Discussion started by: sureshcisco
1 Replies
4. Linux
A gnome session is launched by UserA of System A, I am connected to userB of System B(or A) through PUTTY. I want to launch an application for eg: gedit through Putty in the display of system A. how can I achieve this.
for eg:-
root is logged in to System A, with gdm.
DISPLAY=0.0, ip =... (4 Replies)
Discussion started by: Sivaswami
4 Replies
5. Linux
We have
Server 1 - mounts an NFS share from another server to a users directory.
Server 2 - has NFS share and the share only allows access from Server 1.
How can we make sure no other users on Server 1 can access the NFS mount? (5 Replies)
Discussion started by: Adrnalnrsh
5 Replies
6. Programming
Hi, all,
I am a newbie to linux authentication part.
Questions below really puzzle me:
How to authenticate users from local storage(passwd shadow) and nis server?
(Without PAM)
getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd".
I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies
7. Solaris
Dear all,
I am a beginner with Solaris.
I unfortunately remove the Application Manager from the Front Panel, and I really don't know how to put it again, or from where launch it...
Could anyone help me? (1 Reply)
Discussion started by: avr
1 Replies
8. Shell Programming and Scripting
Hi,
currently, I have a problem in a stress test bash script.
i´m using the following command:
while true; do echo $"command" | ./myprogram; sleep 0.4; done
--> myprogram is watching for stdin via select
The problem is that it will work a couple of times. After that, the stdin fd... (3 Replies)
Discussion started by: bertl100
3 Replies
LEARN ABOUT SUNOS
asadmin-list-connector-connection-pools
asadmin-list-connector-connection-pools(1AS) User Commands asadmin-list-connector-connection-pools(1AS)
NAME
asadmin-list-connector-connection-pools, list-connector-connection-pools - gets all the connection pools
SYNOPSIS
list-connector-connection-pools --user admin_user [--password admin_password] [--host localhost] [--port 4848] [--secure |-s] [--password-
file filename] [--terse=false] [--echo=false] [--interactive=true]
gets all the connector connection pools. This command is supported in remote mode only.
OPTIONS
--user authorized domain application server administrative username.
--password password to administer the domain application server.
--host machine name where the domain application server is running.
--port port number of the domain application server listening for administration requests.
--secure if true, uses SSL/TLS to communicate with the domain application server.
--passwordfile file containing the domain application server password.
--terse indicates that any output data must be very concise, typically avoiding human-friendly sentences and favoring well-
formatted data for consumption by a script. Default is false.
--echo setting to true will echo the command line statement on the standard output. Default is false.
--interactive if set to true (default), only the required password options are prompted.
Example 1: Using list-connector-connection-pools
asadmin> list-connector-connection-pools --user admin
--password adminadmin
EXIT STATUS
0 command executed successfully
1 error in executing the command
asadmin-create-connector-connection-pool(1AS), asadmin-delete-connector-connection-pool(1AS)
J2EE 1.4 SDK March 2004 asadmin-list-connector-connection-pools(1AS)