[wix-users] util:XmlFile logging sensitive info
Jacob.Hoover at greenheck.com
Mon Sep 14 07:53:25 PDT 2015
If that information is already in plain text form in an XML file, wouldn't it also be considered insecure? A bigger question would be why not use integrated authentication, but I assume you are using a different DB that may not support it, or you're in a client/server relationship without a domain.
From: wix-users [mailto:wix-users-bounces at lists.wixtoolset.org] On Behalf Of Cockerham, Gregory
Sent: Monday, September 14, 2015 9:30 AM
To: wix-users at lists.wixtoolset.org
Subject: [wix-users] util:XmlFile logging sensitive info
I am using util:XmlFile to tweak my DB connection strings, but XmlFile is logging the entire line which includes the user creds, which is not wanted. I know there was a bug (click here<http://wixtoolset.org/issues/3859/>) opened about this issue a while back, but from a disposition standpoint it was marked NotABug and no real solution given (at least not one that was apparent to me). The problem is, I am still seeing the behavior. If there is a solution or workaround, please help.
This message and any attachments are solely for the use of intended recipients. The information contained herein may include trade secrets, protected health or personal information, privileged or otherwise confidential information. Unauthorized review, forwarding, printing, copying, distributing, or using such information is strictly prohibited and may be unlawful. If you are not an intended recipient, you are hereby notified that you received this email in error, and that any review, dissemination, distribution or copying of this email and any attachment is strictly prohibited. If you have received this email in error, please contact the sender and delete the message and any attachment from your system. Thank you for your cooperation
WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/
More information about the wix-users