You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Lorenz Quack (JIRA)" <ji...@apache.org> on 2016/03/07 09:55:40 UTC

[jira] [Created] (QPID-7128) [Java Broker] Add SystemTest that scans all output for occurrance of a well known password

Lorenz Quack created QPID-7128:
----------------------------------

             Summary: [Java Broker] Add SystemTest that scans all output for occurrance of a well known password
                 Key: QPID-7128
                 URL: https://issues.apache.org/jira/browse/QPID-7128
             Project: Qpid
          Issue Type: Test
          Components: Java Broker, Java Tests
            Reporter: Lorenz Quack
            Priority: Minor


By setting a easily identifiable (random) well known password we can gain some level of confidence that we do not accidentally leak it in a plaintext way be scaning all output (TRACE broker & client logs, STDOUT, STDERR, config files) for the occurrence of that password.
Additionally, we could scan for unsalted hashes (SHA1, SHA2, MD5).




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org