Astaro.org (Read-Only)

UTM 9 Endpoint Protection [8.900][BUG] Endpoint Protection User can change settings

[8.900][BUG] Endpoint Protection User can change settings

Sammoe over 12 years ago

Tamper Protection is not working.

User on Windows XP can tamper the settings of EndPoint Protection.

On UTM 9 the Tamper Protection is enabled.

Parents

0 kbr over 12 years ago

Thanks for reporting this, we'll track this as Mantis ID #20609
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 AzRoN over 12 years ago in reply to kbr

In addition to the tamper protection - the Endpoint Protection Logs/Live Logs displays the password in CLEAR TEXT for anyone with access to the logs to see.

This information should be either hashed out or hidden.

If a password becomes forgotten then it can be changed to something different, policies re-assigned and the issue sidestepped.

==

When in doubt, Script it out.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 AzRoN over 12 years ago in reply to kbr

In addition to the tamper protection - the Endpoint Protection Logs/Live Logs displays the password in CLEAR TEXT for anyone with access to the logs to see.

This information should be either hashed out or hidden.

If a password becomes forgotten then it can be changed to something different, policies re-assigned and the issue sidestepped.

==

When in doubt, Script it out.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data