Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-5718

org.jboss.security.plugins.FilePassword requires write permission for decoding

XMLWordPrintable

    • Hide
      org.jboss.security.plugins.FilePassword required write permission for all operations. This limited the security options available for restricting access to this file by regular users. The class is now modified so that after initially creating the file, write permission is only required when a user tries to create or update the password file.
      Show
      org.jboss.security.plugins.FilePassword required write permission for all operations. This limited the security options available for restricting access to this file by regular users. The class is now modified so that after initially creating the file, write permission is only required when a user tries to create or update the password file.
    • Documented as Resolved Issue

      We use org.jboss.security.plugins.FilePassword to avoid storing passwords in clear text. Once created, we'd like to change the file's permission to read-only for regular users in order to ensure that only trusted users can update it.

      However, this won't work as the class FilePassword always requires write permission even for decoding the password. The class should be modified so that write permission is only required when create / update the password file.

        1. SECURITY-292.patch
          0.6 kB

            rhn-support-bmaxwell Brad Maxwell
            rhn-support-bmaxwell Brad Maxwell
            Jared Morgan Jared Morgan (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: