General information
Category:
Coding, syntax & commands
Title:
How reliable/secure are getenv('User') & WScript.Network?
GetEnv() and WScript.Network both rely on Environment variables to obtain the user and domain information. How secure is that? Aren't environment variables easily created/destroyed/edited?
We're wanting to use the credentials with which the user logged in for our applications security so that the user does not have to log into their workstation and then turn around and log into our app. We've talked about pulling the information from GetEnv or WScript but if users can "tweak" environment variables then that would allow them to spoof other users, etc.
Any ideas?
Thanks for your help.
Next
Reply
View the map of this thread
View the map of this thread starting from this message only
View all messages of this thread
View all messages of this thread starting from this message only