Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 83547 invoked from network); 15 Jul 2005 15:20:14 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 15 Jul 2005 15:20:14 -0000 Received: (qmail 99501 invoked by uid 500); 15 Jul 2005 15:20:09 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 99453 invoked by uid 500); 15 Jul 2005 15:20:09 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 99438 invoked by uid 99); 15 Jul 2005 15:20:08 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jul 2005 08:20:08 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (asf.osuosl.org: local policy) Received: from [64.14.202.141] (HELO mgd.gluecode.com) (64.14.202.141) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jul 2005 08:20:05 -0700 Received: from [192.168.15.101] (68-171-62-46.vnnyca.adelphia.net [68.171.62.46]) (authenticated bits=0) by mgd.gluecode.com (8.12.10/8.12.10) with ESMTP id j6FFJ9CW019195 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Fri, 15 Jul 2005 08:19:10 -0700 Mime-Version: 1.0 (Apple Message framework v730) In-Reply-To: References: Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <403B5B04-53A7-41C7-98AD-AB778C99D882@iq80.com> Content-Transfer-Encoding: 7bit From: Dain Sundstrom Subject: Re: Deploy tool and user and password security Date: Fri, 15 Jul 2005 08:20:21 -0700 To: dev@geronimo.apache.org X-Mailer: Apple Mail (2.730) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Seams reasonable. Is there a defacto standard in linux tools that we can copy for the file format? -dain On Jul 14, 2005, at 11:02 PM, sissonj@insession.com wrote: > Currently if someone specifies a userid and password on the command > line > to the deploy tool, it could be visible to other UNIX users via ps > commands. > > Should we enable the user to point the deployer to a properties file > (stored in a secured location) that contains the userid and > password. That > would be more secure for cases where the tool is being called by > scripts > and the userid/password prompting is not desired. > > Our documentation should also remind users about this security issue. > > Does this sound reasonable for a new JIRA task? > > John >