Kinook Software Forum

Go Back   Kinook Software Forum > Visual Build Professional > [VBP] General Discussion

View Poll Results: How useful would "inter-field" validations be on custom action propety dialogs?
Very important! (needs aren't met due to the lack of this feature) 1 50.00%
Somewhat Important. (We have found ways around it, but we really want to have that feature) 0 0%
Unimportant. (However "nice" it would be we don't see our organization using it) 1 50.00%
What do you mean by "inter-field" validations? 0 0%
Voters: 2. You may not vote on this poll

Reply
 
Thread Tools Rate Thread Display Modes
  #1  
Old 07-16-2003, 10:13 AM
jason0816 jason0816 is online now
Registered User
 
Join Date: 07-14-2003
Location: MN
Posts: 10
Future User Action edit field features ...

Part of the work that we do works with a StarTeam server.
Which requires the user to type in a password.

Storing passwords in plain text and displaying them as plain text of course can pose a security breach.

If it's possible, it would be nice to see, at mimimum, the "password" property of edit boxes being provided via the XML format provided (i.e. Password="1" within the field tag)

Ideally such an item would also perform trivial encryption to prevent a casual user from recovering the password from a build file by mere visual inspection.
Reply With Quote
  #2  
Old 07-16-2003, 03:41 PM
pjaquiery pjaquiery is online now
Registered User
 
Join Date: 01-20-2003
Location: Dunedin, New Zealand
Posts: 114
You could use some script to decode encripted passwords at run time. Fixes the casual user problem, but doesn't provide very much security as the script can be run interactively by an interested user.
Reply With Quote
  #3  
Old 07-16-2003, 03:57 PM
jason0816 jason0816 is online now
Registered User
 
Join Date: 07-14-2003
Location: MN
Posts: 10
Fair enough, however...

My work around for now is to clear out the password after the script is executed. The data entry is still blatantly visible.

My primary concern is that a priveldeged users password could be read as plain text from the UI after it's been entered or as it is being entered.

Since no build scripts will be published here that contain passwords and user names, it's more a matter of a malicious intern or digruntled employee that I'm trying to provide minimal/trivial protection against... (i.e. I don't expect that we will have a problem, but it's a safety net , albeit a weak one...)
Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -5. The time now is 09:08 AM.


Copyright © 1999-2023 Kinook Software, Inc.