Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-5728 Update to JBoss Security 2.0.4 SP6
  3. JBPAPP-5729

org.jboss.security.plugins.FilePassword requires write permission for decoding

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Minor Minor
    • EAP_EWP 5.1.1
    • EAP_EWP 5.1.0
    • Security
    • None
    • Release Notes
    • Hide
      The org.jboss.security.plugins.FilePassword file previously required write permission even for decoding the password. The file could not be changed to read-only for regular users because it was inaccessible. This issue has been fixed by changing the file permissions from to read-only.
      Show
      The org.jboss.security.plugins.FilePassword file previously required write permission even for decoding the password. The file could not be changed to read-only for regular users because it was inaccessible. This issue has been fixed by changing the file permissions from to read-only.
    • Documented as Resolved Issue

      We use org.jboss.security.plugins.FilePassword to avoid storing passwords in clear text. Once created, we'd like to change the file's permission to read-only for regular users in order to ensure that only trusted users can update it.

      However, this won't work as the class FilePassword always requires write permission even for decoding the password. The class should be modified so that write permission is only required when create / update the password file.

        1. SECURITY-292.patch
          0.6 kB

            rhn-support-bmaxwell Brad Maxwell
            rhn-support-bmaxwell Brad Maxwell
            Rebecca Newton Rebecca Newton (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: