geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Mulder <ammul...@alumni.princeton.edu>
Subject Re: Deploy tool and user and password security
Date Sat, 16 Jul 2005 00:49:00 GMT
	It doesn't matter what the monitor shows, because I'll be
controlling your mind directly.

Aaron

P.S. Which is to say, quite right.  :)

On Sat, 16 Jul 2005 sissonj@insession.com wrote:
> Wouldn't this alternative still require that the script pass the userid 
> and password on the command line using -D arguments and therefore still 
> visible on the ps command? 
> 
> Created JIRA issue http://issues.apache.org/jira/browse/GERONIMO-766
> 
> John
> 
> Aaron Mulder <ammulder@alumni.princeton.edu> wrote on 15/07/2005 09:59:45 
> PM:
> 
> >    Another alternative is to let the user put the username and 
> > password in environment variables, and then have a deployer start script 
> 
> > that sends them in as system properties.
> > 
> > Aaron
> > 
> > On Fri, 15 Jul 2005 sissonj@insession.com wrote:
> > > Currently if someone specifies a userid and password on the command 
> line 
> > > to the deploy tool, it could be visible to other UNIX users via ps 
> > > commands.
> > > 
> > > Should we enable the user to point the deployer to a properties file 
> > > (stored in a secured location) that contains the userid and password. 
> That 
> > > would be more secure for cases where the tool is being called by 
> scripts 
> > > and the userid/password prompting is not desired.
> > > 
> > > Our documentation should also remind users about this security issue.
> > > 
> > > Does this sound reasonable for a new JIRA task?
> > > 
> > > John
> > > 
> 
> 

Mime
View raw message