Return-Path: X-Original-To: apmail-brooklyn-dev-archive@minotaur.apache.org Delivered-To: apmail-brooklyn-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0C23F1179A for ; Thu, 14 Aug 2014 10:57:52 +0000 (UTC) Received: (qmail 9076 invoked by uid 500); 14 Aug 2014 10:57:51 -0000 Delivered-To: apmail-brooklyn-dev-archive@brooklyn.apache.org Received: (qmail 9054 invoked by uid 500); 14 Aug 2014 10:57:51 -0000 Mailing-List: contact dev-help@brooklyn.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@brooklyn.incubator.apache.org Delivered-To: mailing list dev@brooklyn.incubator.apache.org Received: (qmail 9042 invoked by uid 99); 14 Aug 2014 10:57:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 14 Aug 2014 10:57:50 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of aled.sage@gmail.com designates 74.125.82.51 as permitted sender) Received: from [74.125.82.51] (HELO mail-wg0-f51.google.com) (74.125.82.51) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 14 Aug 2014 10:57:21 +0000 Received: by mail-wg0-f51.google.com with SMTP id b13so909474wgh.10 for ; Thu, 14 Aug 2014 03:57:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=wc/Ly85RtERfOSlow18KIrsI31YatFqY2Nw8xQXStjE=; b=KeWnAIcWHkFFH+xykprGYmX6DxikB8iBbgXPbmH/ZwIJoZOwXSNXqNFeNBobSLRLsP dyqZsRNhLRQAmVVUDOaWdVbdFBw84dbgJGBOR9NF47+HynVpGl3fx9aHFb0kGcLPNOBV gSe+SwxiuxsxUK8FX5pw0PxMHMJirVxicoTpjVP1aVEsRXjmPkDHAM77lejB+aSqupum hCEqmGIkD7/sPF2E83qzA3NOlU+N3M0tKwfZiB5ycMJgluI6ZO2U/QX1euKuvimAAZId kPIUSzrM/iBgwvhvoXRTTgDaFC9lmtvzDoWFyUal846wi0mDBLUs6r7itF9V0kCdr4Bj qDHQ== X-Received: by 10.194.184.230 with SMTP id ex6mr10734550wjc.83.1408013841229; Thu, 14 Aug 2014 03:57:21 -0700 (PDT) Received: from Aleds-MacBook-Pro.local (host81-159-236-229.range81-159.btcentralplus.com. [81.159.236.229]) by mx.google.com with ESMTPSA id vn10sm10709983wjc.28.2014.08.14.03.57.20 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 14 Aug 2014 03:57:20 -0700 (PDT) Message-ID: <53EC960E.60703@gmail.com> Date: Thu, 14 Aug 2014 11:57:18 +0100 From: Aled Sage User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: dev@brooklyn.incubator.apache.org Subject: Re: web-console security: use hashed passwords in brooklyn.properties References: <53E4DCE2.4050308@gmail.com> <53E8A4DA.1010706@cloudsoftcorp.com> In-Reply-To: <53E8A4DA.1010706@cloudsoftcorp.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Hi all, Brooklyn master now checks if ~/.brooklyn/brooklyn.properties (or whatever you override it with on the launch command line) has permissions like 600 (or 700 or 400). Brooklyn will fail to start otherwise, giving a nice error to tell you why. Note that we won't check these permissions on Windows currently. You'll get a log.debug telling you that we couldn't check. Aled On 11/08/2014 12:11, Alasdair Hodge wrote: > Enthusiastic "yay!" for hashed, salted passwords :o) > > Also +1 to enforcing tighter access control for the properties file at > runtime. Will require a Windows equivalent, of course, but checking > for *00 flags on posix systems is a great start. I expect we want > "strict" behaviour only in the launcher, and that unit tests, etc, > don't need to care? > > As for the --stdin thing for generate-password, I must admit I'm > sympathetic to the "don't do that" argument in the links you posted. > If stream hacks are required only to test the generator then it's > probably no biggie, but making recommendations to end-users that go > against the grain of established unix security best practices gives me > pause. > > A.