geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Deepak Nayal <>
Subject Password visible for deployment
Date Fri, 26 Nov 2004 09:05:04 GMT
This is the very first day that I have started to use Geronimo :-)
After going through its docs, it seems that the deployment needs the username and the password
whch are given as arguments to the DeployTool class. However, I believe this is a security
threat as a hacker can check out the history list in UNIXes and can get the USER/PASS. So
I believe we should have a tool which encrypts the user/pass and puts them in a file and then
that filename can be passed as the argument to the DeployTool class. The 'org.apache.geronimo.deployment.cli.ServerConnection'
class can be edited to reflect this change.
My sincere apologise if this seems to be a wierd idea.
Please do let me know your views.
Deepak Nayal

Do you Yahoo!?
 Meet the all-new My Yahoo!  Try it today! 
View raw message