[mdlug] Password management application

Aaron Kulkis akulkis00 at gmail.com
Wed Feb 18 13:32:06 EST 2015 

Mathew May wrote:
> I completely agree, but the decision for this is out of my hands. I have expressed my concerns on just how bad an idea this is, but they also allow group logins on all of the dev/stage servers if that tells you anything.
>
> I have the power of root, but am still just a pawn :(

I'd dust off your resume, and find a better place to work.

When this blows up, and it WILL eventually... guess who will get the
blame... the idiots who made this moronic decision, or the admin who
has to take care of it?

And at your exit interview, I would say exactly that.

>
> ----- Original Message -----
>
> From: "Aaron Kulkis" <akulkis00 at gmail.com>
> To: "MDLUG's Main discussion list" <mdlug at mdlug.org>
> Sent: Tuesday, February 17, 2015 4:12:45 PM
> Subject: Re: [mdlug] Password management application
>
> Mathew May wrote:
>> Hey gang, I have a question for you. I have been tasked with looking into a password manager application that can be installed in a central location, that allows multiple user accounts to be configured, and then these user can display account/password information that is approved for their level of access.
>>
>> Example: We want to store database user names and passwords in a central local, and we want people to be able to login and see this information, but only what they have the appropriate access for. We want the developers to only see credentials for the dev environment, not able to see production values.
>>
>
> The very idea, in and of itself, is a MAJOR security violation.
>
> Whoever is demanding such things is incompetent.
>
> Good luck with the politics of this.
>
>> I have been looking at and trying to configure a product called Rattic, but this solution does not store the information encrypted. I would have to install it on an encrypted file system, and I am not super versed in Apache and am running into a few brick walls trying to get this up and running.
>>
>> Anyone have any suggestions for a solution along these lines? And preferably open source (almost no budget for this project)
>>
>> Thanks,
>> Mat
>> _______________________________________________
>> mdlug mailing list
>> mdlug at mdlug.org
>> http://mdlug.org/mailman/listinfo/mdlug
>>
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>

More information about the mdlug mailing list