Bugtraq mailing list archives

MS SQL 7.0 DTS saved packages contain plain text passwords


From: "Floyd Russell" <floyd () neospire net>
Date: Mon, 12 Nov 2001 12:18:10 -0600

When creating a Data Transformation Service (DTS) Package be careful. The
saved file does not encrypt the passwords that the package will use when
executed. If a client could convince an admin to create an example DTS
package for troubleshooting then the client would have the admin's SQL
password. Of course no admin would ever use a high level account for that
sort of thing. :)

Floyd Russell

