zookeeper-dev mailing list archives

From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-3197) Improve documentation in ZooKeeperServer.superSecret
Date Mon, 07 Jan 2019 15:09:00 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-3197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16735932#comment-16735932 ]

Hudson commented on ZOOKEEPER-3197:

SUCCESS: Integrated in Jenkins build ZooKeeper-trunk #339 (See [https://builds.apache.org/job/ZooKeeper-trunk/339/])
ZOOKEEPER-3197: Improve documentation in ZooKeeperServer.superSecret (andor: rev 36b8711ebfd7ea749d547a52ddcd7d8853931728)
* (edit) zookeeper-server/src/main/java/org/apache/zookeeper/server/ZooKeeperServer.java

> Improve documentation in ZooKeeperServer.superSecret
> ----------------------------------------------------
>                 Key: ZOOKEEPER-3197
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3197
>             Project: ZooKeeper
>          Issue Type: Task
>            Reporter: Colm O hEigeartaigh
>            Priority: Trivial
>              Labels: pull-request-available
>             Fix For: 3.6.0, 3.5.5
>          Time Spent: 50m
>  Remaining Estimate: 0h
> A security scan flagged the use of a hard-coded secret (ZooKeeperServer.superSecret) in conjunction with a Java Random instance to generate a password:
> byte[] generatePasswd(long id) {
>     Random r = new Random(id ^ superSecret);
>     byte p[] = new byte[16];
>     r.nextBytes(p);
>     return p;
> }
> superSecret has the following javadoc:
>  /**
>     * This is the secret that we use to generate passwords, for the moment it
>     * is more of a sanity check.
>     */
> It is unclear from this comment and from looking at the code why it is not a security risk.
> It would be good to update the javadoc along the lines of "Using a hard-coded secret with
> Random to generate a password is not a security risk because the resulting passwords are used
> for X, Y, Z and not for authentication etc." or something; that would be very helpful for anyone
> else looking at the code.

This message was sent by Atlassian JIRA
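
The property the scan flagged, as an added example that is not part of the original message or the ZooKeeper code base: a password derived from `new Random(id ^ constant)` is a pure function of the id and the constant, shown beside a keyed derivation that stays re-derivable only by holders of a runtime key. `SUPER_SECRET` is a constructed placeholder (not the project's value), the session id is constructed, and `hmacPasswd` and `newKey` are hypothetical helpers.

```java
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class SessionPasswdDemo {
    // Constructed placeholder; NOT the constant from ZooKeeperServer.java.
    static final long SUPER_SECRET = 0x1122334455L;

    // Same shape as the generatePasswd quoted in the issue.
    static byte[] generatePasswd(long id) {
        Random r = new Random(id ^ SUPER_SECRET);
        byte[] p = new byte[16];
        r.nextBytes(p);
        return p;
    }

    // Hypothetical alternative: HMAC over the id, keyed with a secret drawn at startup.
    static byte[] hmacPasswd(byte[] key, long id) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] tag = mac.doFinal(ByteBuffer.allocate(Long.BYTES).putLong(id).array());
        return Arrays.copyOf(tag, 16); // keep the 16-byte length of the original
    }

    // Hypothetical helper: 32 random bytes from the platform CSPRNG.
    static byte[] newKey() {
        byte[] k = new byte[32];
        new SecureRandom().nextBytes(k);
        return k;
    }

    public static void main(String[] args) throws Exception {
        long sessionId = 0x100000000000001L; // constructed sample id
        // Pure function of (id, constant): any JVM holding both reproduces the bytes.
        System.out.println("seeded Random reproducible: "
            + Arrays.equals(generatePasswd(sessionId), generatePasswd(sessionId)));
        // Keyed variant: the same key re-derives the value, a different key does not.
        byte[] k1 = newKey(), k2 = newKey();
        System.out.println("HMAC same key matches:      "
            + Arrays.equals(hmacPasswd(k1, sessionId), hmacPasswd(k1, sessionId)));
        System.out.println("HMAC other key matches:     "
            + Arrays.equals(hmacPasswd(k1, sessionId), hmacPasswd(k2, sessionId)));
    }
}
```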
