Protecting Log In Data

Sivakatirswami katir at hindu.org
Sun Dec 5 22:40:44 EST 2004


I distribute stacks that allow volunteers access to specific files on 
our servers...
I want to protect the log in info from a text reader which might simply 
open the stack file...
I'm not looking for NASA high clearance security here... (FTP user 
names and passwords are viewable by packet sniffers anyway.)

Just protection from the curious who might get my stack and think "gee 
I wonder where the log in info is..."

( of course, if he is savvy he could just open a traffic watcher and 
run the stack and then save the transcript from his traffic watcher and 
find the user and log in info anyway.. so maybe there is a better 
way...

tell me if I have this right..

1. create a main stack with all the application tool box..
2. create a substack, enter the USER and PASS and domain etc stuff in a 
custom prop(s) in the substack
3. password protect the substack.
4. Now, when the main stack wants to do an upload or download, I just 
have handlers in the mainstack refer to the custom properties in  the 
substack.

Right? And this
a) means no one can read the custom props in the substack without the 
password
b) I have to be careful not to try to view the custom props in the 
application browser if the password has been set.

I'm sure someone has invented this wheel already...



Thanks
Sivakatirswami




More information about the use-livecode mailing list