geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Sisson (JIRA)" <...@geronimo.apache.org>
Subject [jira] Created: (GERONIMO-766) Provide a more secure way for UNIX scripts to pass userid and password to deploy tool
Date Sat, 16 Jul 2005 00:39:13 GMT
Provide a more secure way for UNIX scripts to pass userid and password to deploy tool
-------------------------------------------------------------------------------------

         Key: GERONIMO-766
         URL: http://issues.apache.org/jira/browse/GERONIMO-766
     Project: Geronimo
        Type: Improvement
  Components: deployment  
    Versions: 1.0-M4    
    Reporter: John Sisson
    Priority: Minor


Currently if someone specifies a userid and password on the command line to the deploy tool,
it could be visible to other UNIX users via ps commands.

Should we enable the user to point the deployer to a properties file stored in a secured location)
that contains the userid and password? That would be more secure for cases where the tool
is being called by scripts and the userid/password prompting is not desired.

Our documentation should also remind users about this security issue.

See mail dev list thread "Deploy tool and user and password security"

http://marc.theaimsgroup.com/?t=112140739500001&r=1&w=2

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message