geronimo-dev mailing list archives

From siss...@insession.com
Subject Re: Deploy tool and user and password security
Date Sat, 16 Jul 2005 00:37:42 GMT
Wouldn't this alternative still require that the script pass the userid 
and password on the command line using -D arguments and therefore still 
visible on the ps command? 

Created JIRA issue http://issues.apache.org/jira/browse/GERONIMO-766

John

Aaron Mulder <ammulder@alumni.princeton.edu> wrote on 15/07/2005 09:59:45 PM:

> Another alternative is to let the user put the username and
> password in environment variables, and then have a deployer start script
> that sends them in as system properties.
> 
> Aaron
> 
> On Fri, 15 Jul 2005 sissonj@insession.com wrote:
> > Currently if someone specifies a userid and password on the command line
> > to the deploy tool, it could be visible to other UNIX users via ps
> > commands.
> >
> > Should we enable the user to point the deployer to a properties file
> > (stored in a secured location) that contains the userid and password. That
> > would be more secure for cases where the tool is being called by scripts
> > and the userid/password prompting is not desired.
> > 
> > Our documentation should also remind users about this security issue.
> > 
> > Does this sound reasonable for a new JIRA task?
> > 
> > John
> > 
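
Added example, not part of the original thread and not Geronimo code: one way a wrapper script could implement the properties-file proposal above, refusing a credentials file that is not owner-only. The key names `user` and `password`, the variable names and the file layout are assumptions.

```shell
#!/bin/sh
# Added example, not Geronimo code. The file layout and the key names
# "user" and "password" are assumptions made for illustration.

# Succeed only if $1 is a regular file (not a symlink), owned by the
# current user, with no group/other permission bits set (e.g. 600 or 400).
creds_file_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    # GNU stat uses -c, BSD/macOS stat uses -f.
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 1
    case $mode in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Print the value of key $2 from properties file $1 (first "key=value" match).
read_prop() {
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "$2="*) printf '%s\n' "${line#"$2="}"; return 0 ;;
        esac
    done < "$1"
    return 1
}

# Load credentials into shell variables. Nothing here is placed on a
# command line; a caller that then passes them as -D arguments would
# expose them to ps again, so the tool itself should read the file.
load_deploy_creds() {
    creds_file_is_private "$1" || { echo "refusing $1: not owner-only" >&2; return 1; }
    DEPLOY_USER=$(read_prop "$1" user) || return 1
    DEPLOY_PASSWORD=$(read_prop "$1" password) || return 1
}
```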

