ant-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bode...@apache.org
Subject svn commit: r677222 - /ant/core/trunk/docs/manual/OptionalTasks/sshexec.html
Date Wed, 16 Jul 2008 09:57:21 GMT
Author: bodewig
Date: Wed Jul 16 02:57:21 2008
New Revision: 677222

URL: http://svn.apache.org/viewvc?rev=677222&view=rev
Log:
Use the same warning in all three documents about ssh authentication.  PR 43941.

Modified:
    ant/core/trunk/docs/manual/OptionalTasks/sshexec.html

Modified: ant/core/trunk/docs/manual/OptionalTasks/sshexec.html
URL: http://svn.apache.org/viewvc/ant/core/trunk/docs/manual/OptionalTasks/sshexec.html?rev=677222&r1=677221&r2=677222&view=diff
==============================================================================
--- ant/core/trunk/docs/manual/OptionalTasks/sshexec.html (original)
+++ ant/core/trunk/docs/manual/OptionalTasks/sshexec.html Wed Jul 16 02:57:21 2008
@@ -205,13 +205,16 @@
 	password="${password}"
 	command="touch somefile"/>
 </pre>
-Invoke ant with the following command line:
+Invoking ant with the following command line:
 <pre>
     ant -Dusername=me -Dpassword=mypassword target1 target2
 </pre>
-which trades hard coded passwords for the possibility that any other
-user tracing processes on the machine running Ant (or reading your
-command shell's history) may now read the password.
+
+Is slightly better, but the username/password is exposed to all users
+on an Unix system (via the ps command). The best approach is to use
+the
+<code>&lt;input&gt;</code> task and/or retrieve the password from a (secured)
+.properties file.
 </p>
 </body>
 </html>



Mime
View raw message