Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-771

Enable white-space in parameters for external password command

    Details

      Description

      The current implementation of the loading the external password by a command uses Runtime.exec() which denies to pass a parameter which contains a white-space to the command, see {EXT} in org.jboss.security.Util#loadPassword(String).
      It would be nice to provide a new implementation based on ProcessBuilder.

      For example, various ssh-askpass implementations requires a parameter like 'Enter passphrase for ...'. Without the ability to directly pass such a parameter customers are pushed to create a "script in the middle" which makes their application unnecessarily complicated.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  pskopek Peter Škopek
                  Reporter:
                  istudens Ivo Studensky
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: