Is there any plans in the pipeline to provide us a way of encrypting our configuration files.
I ask because I use configuration files everywhere in order to make my packages location independant but then you have to lock down access to those configuration files because they may have passwords in them.
I'd rather they were encrypted.
Thoughts?
-JamieJamie,
Have you thought about securing the config files by setting up NTFS permissions?
As a former Network Administrator, I found that it is much easier to manage resource access if it is centralized in one location. Personally, I would setup a group in Active Directory for users that need access to the config files and grant only that group to have read/write access to the folders containing your config files. (System Administrators still have full control and Backup Operators would have read access)
I would consider Encryption if the files are being sent over the wire and you want to make sure the file contents are not captured via a sniffer. It would be relatively easy to create a utitlity to encrypt and decrypt the files using the System.Security.Cryptography class.
Larry|||Hi Larry,
Yeah, that's what we're doing. I think the encryption feature would be nice as well tho.
-Jamie|||We considered an encryption feature, but didn't have time. It's a nice feature that we didn't get to.
K|||Right. Well you know what that means :)
http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=aebad475-0aa6-4fce-ba06-3ef42dd7856d|||
Jamie Thomson wrote:
Hi all,
Is there any plans in the pipeline to provide us a way of encrypting our configuration files.I ask because I use configuration files everywhere in order to make my packages location independant but then you have to lock down access to those configuration files because they may have passwords in them.
I'd rather they were encrypted.
Thoughts?
-Jamie
You can store your configuration files on SQL Server; just as an alternative.
No comments:
Post a Comment