geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From siss...@insession.com
Subject Deploy tool and user and password security
Date Fri, 15 Jul 2005 06:02:30 GMT
Currently if someone specifies a userid and password on the command line 
to the deploy tool, it could be visible to other UNIX users via ps 
commands.

Should we enable the user to point the deployer to a properties file 
(stored in a secured location) that contains the userid and password. That 
would be more secure for cases where the tool is being called by scripts 
and the userid/password prompting is not desired.

Our documentation should also remind users about this security issue.

Does this sound reasonable for a new JIRA task?

John

Mime
View raw message