Last post Dec 06, 2014 07:55 AM by XIII
Dec 05, 2014 04:26 PM|Garrett8610|LINK
I am working on a web application that uses a web/sql server combination. I have developed a homegrown auto-patching utility that upgrades the software. Today the user supplies server admin credentials when setting up the auto-patch functionality. Today
these credentials are encrypted and then stored in the system registry.
I am concerned that this is not a best practice from a security standpoint. Are there any other ways of doing this? The whole idea of auto-patching is to have the patch run during off-hours and avoid someone having to key in the admin credentials at 2
in the morning.
Any help would be much appreciated!
Dec 06, 2014 07:55 AM|XIII|LINK
an alternative approach would be:
Is the patching a patching for Windows or for updating parts of your custom made application with new assemblies?