On Thu, Jul 12, 2018 at 9:36 AM, Erik Berndt
<erikber...@superiorpaving.net> wrote:
>> Your best option is to set filesystem permissions appropriately such that
>> only Guacamole can read guacamole.properties.
>
> I had a similar thought a few months ago and this is your best bet. Yes,
> the password is stored in plain text on a publicly available server, but
> it's not being transmitted externally, so locking it down should be
> sufficient. We use smtp relay on a couple of servers and have the config
> files storing the credentials set to 644. I just checked and
> guacamole.properties is set to 604, which from what I can recall was the
> most restrictive mode without the service becoming inaccessible.
>

In general, I'd recommend creating a group specific to Guacamole (like
"guacamole"), adding the Tomcat user to that group, and ensuring
guacamole.properties is owned by "root:guacamole" with 640 permissions
(read/write for root, read-only to guacamole, unreadable to all
others). That should lock things down nicely.

- Mike
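The group-based lockdown Mike describes, as an added example that is not part of the thread: a small POSIX shell script that applies the root:guacamole / 640 layout and a check that flags the 604 and 644 modes mentioned above (any bits for "other", or a group write bit). The Tomcat service user name "tomcat", the file path /etc/guacamole/guacamole.properties and the use of groupadd/usermod/getent are assumptions; the hardening step needs root, the check does not.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread or the Guacamole project.
# Assumed defaults (override via environment): Tomcat runs as "tomcat",
# the group is "guacamole", the file lives under /etc/guacamole.
GUAC_PROPS="${GUAC_PROPS:-/etc/guacamole/guacamole.properties}"
TOMCAT_USER="${TOMCAT_USER:-tomcat}"
GUAC_GROUP="${GUAC_GROUP:-guacamole}"

# Octal permission bits of a file; GNU stat first, BSD/macOS stat as fallback.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# "owner:group" of a file, same portability fallback.
file_owner() {
    stat -c '%U:%G' "$1" 2>/dev/null || stat -f '%Su:%Sg' "$1"
}

# Accept only modes where "other" has no bits and group is read-only or
# nothing (640 or 600). Rejects 604 (world-readable) and 644 (world-readable).
mode_is_locked_down() {
    m=$(printf '%s' "$1" | tail -c 3)      # drop a leading setgid/sticky digit
    group_digit=$(printf '%s' "$m" | cut -c2)
    other_digit=$(printf '%s' "$m" | cut -c3)
    [ "$other_digit" -eq 0 ] && { [ "$group_digit" -eq 0 ] || [ "$group_digit" -eq 4 ]; }
}

# Returns 0 when the file's mode is acceptable, 1 otherwise (with a reason).
check_props_mode() {
    f="$1"
    mode=$(file_mode "$f") || { echo "cannot stat $f" >&2; return 1; }
    if mode_is_locked_down "$mode"; then
        return 0
    fi
    echo "$f has mode $mode; expected 640 (root rw, group r, others none)" >&2
    return 1
}

# Returns 0 when the file is owned by the expected "owner:group" string.
owner_is() {
    [ "$(file_owner "$1")" = "$2" ]
}

# Apply the layout from the thread. Requires root; groupadd/usermod/getent
# are assumed to be present (typical on Debian- and RHEL-style systems).
harden_props() {
    getent group "$GUAC_GROUP" >/dev/null 2>&1 || groupadd "$GUAC_GROUP"
    usermod -a -G "$GUAC_GROUP" "$TOMCAT_USER"
    chown "root:$GUAC_GROUP" "$GUAC_PROPS"
    chmod 640 "$GUAC_PROPS"
    check_props_mode "$GUAC_PROPS" && owner_is "$GUAC_PROPS" "root:$GUAC_GROUP"
}

# Usage (as root): harden_props
# Audit only (any user that can stat the file): check_props_mode "$GUAC_PROPS"
```

After running the hardening step, restart Tomcat so the service picks up its new supplementary group; a running JVM keeps the group list it started with, and will report the file as unreadable until then.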
