This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Last revision Both sides next revision | ||
misc [2022/02/14 17:01] 84.198.201.169 |
misc [2022/02/14 17:01] 84.198.201.169 [Data encryption] |
||
---|---|---|---|
Line 11: | Line 11: | ||
* PMACORE_ENCRYPTION_KEY environment variable | * PMACORE_ENCRYPTION_KEY environment variable | ||
* EncryptionKey key in the App_Data\Data\PMA.core.config file (fallback if no env var is defined) | * EncryptionKey key in the App_Data\Data\PMA.core.config file (fallback if no env var is defined) | ||
- | |||
- | The choice of using an environment variable as a means to provide the encryption key was chosen as the second best alternative behind using specialized vaults, which are not applicable. The reasoning is that even if an attacker can read files in the file system where PMA.core is installed, they won't be able to read the encryption key, because it is not in a file. | ||
- | |||