Kinook Software Forum

Go Back   Kinook Software Forum > Visual Build Professional > [VBP] Suggestions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Rate Thread Display Modes
  #1  
Old 06-05-2006, 11:56 AM
SHatfield SHatfield is online now
Registered User
 
Join Date: 06-05-2006
Posts: 1
Build Script password protection

I have a "Sign Code" build step for signing our compiled setup.exe with our Verisign certificate, and I noticed that it is in clear text in the build script. Anyone with access to the build script can see what our cert password is. This isn't a terrible thing, but I would like for VBP to encrypt the password into the build script so that we don't have to worry about this anymore.

Thanks,
Steven Hatfield
MassMutual Corporation
Reply With Quote
  #2  
Old 06-05-2006, 01:32 PM
kinook kinook is online now
Administrator
 
Join Date: 03-06-2001
Location: Colorado
Posts: 6,034
If you store your signing certificate in the Windows certificate store, you don't need specify a password on the Sign Code action [1].

Another option would be to store the password in a global macro instead of the .bld file, and reference that macro from the password field. Then only someone with access to the machine where the global macro has been added will have access to the password. You could also store it there encrypted, but VBP won't currently do that for you.

We do intend to provide encryption capabilities in a future release (most likely a level with hard-coded key and another requiring the user to provide a password to unencrypt/open/build; since unless VBP prompts for a password to unencrypt the .bld file, any encrypting that it does will just amount to security through obscurity [2]). But even this doesn't really eliminate the problem, since *that* password still has to be stored and provided in order to build in an automated fashion.

[1] http://www.kinook.com/blog/?p=10
[2] http://en.wikipedia.org/wiki/Security_through_obscurity


Admin note: Implemented in v7
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -5. The time now is 09:10 PM.


Copyright © 1999-2023 Kinook Software, Inc.