Hello,
i've found a few posts in the past regarding this topic but no solution/workaround for this: Zabbix will store ldap bind passwords in clear text in its postgres database.
How can this be acceptable from a security point of view ? Assuming that nobody will ever access this db is a little naive in my opinion, shouldn't be safer to encrypt the password before storing it ?
I understand that zabbix would need a way to decrypt it but..isn't it the same for zabbix user passwords when they use internal authentication ? (just guessing..)
Is there any plan to enhance this ?
i've found a few posts in the past regarding this topic but no solution/workaround for this: Zabbix will store ldap bind passwords in clear text in its postgres database.
How can this be acceptable from a security point of view ? Assuming that nobody will ever access this db is a little naive in my opinion, shouldn't be safer to encrypt the password before storing it ?
I understand that zabbix would need a way to decrypt it but..isn't it the same for zabbix user passwords when they use internal authentication ? (just guessing..)
Is there any plan to enhance this ?