View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005208||mantisbt||security||public||2005-02-03 11:09||2008-08-12 09:37|
|Summary||0005208: Encrypt plain smtp_password and db_password configuration fields in configuration?|
Is it possible to encrypt or something like hide the username/passwords to enter the database and smtp access?
I don't like it at all that these plain passwords are visible in the configuration file.
Any ideas to solve this? Or workaround maybe?
|Tags||No tags attached.|
Whilst this would be nice, i'm not sure it's possible - mantis would need to be able to decrypt the password to use it to log in - at that point, anyone who's able to read config_inc.php would likely have access to the system/box and would be able run the php routine to decrypt the password.
|2005-02-03 11:09||nlangenberg||New Issue|
|2008-08-01 08:25||grangeway||Note Added: 0018982|
|2008-08-01 08:25||grangeway||Status||@0@ => resolved|
|2008-08-01 08:25||grangeway||Resolution||@0@ => not fixable|
|2008-08-01 08:25||grangeway||Assigned To||=> grangeway|
|2008-08-12 09:37||grangeway||Status||resolved => closed|