You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geode.apache.org by "Kevin Duling (JIRA)" <ji...@apache.org> on 2016/12/07 18:08:59 UTC
[jira] [Commented] (GEODE-2119) gfsh user and password visible in
clear text
[ https://issues.apache.org/jira/browse/GEODE-2119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15729433#comment-15729433 ]
Kevin Duling commented on GEODE-2119:
-------------------------------------
I've tested the scenarios listed above and found:
# History is redacted.
{code}
/ _____/ ______/ ______/ /____/ /
/ / __/ /___ /_____ / _____ /
/ /__/ / ____/ _____/ / / / /
/______/_/ /______/_/ /_/ 1.1.0-SNAPSHOT
Monitor and Manage Apache Geode (incubating)
gfsh>history
1 0: start locator --name=loc-sec --classpath=/Users/kduling/foo --properties-file=./gemfire.properties
2 1: quit
3 2: start locator --name=loc-sec --classpath=/Users/kduling/foo --security-properties-file=./security.properties
4 3: connect connect --locator=pdx2-office-dhcp9.eng.vmware.com[10334]
5 4: quit
6 5: start server --name=srv-sec --locators=pdx2-office-dhcp9.eng.vmware.com[10334] --user=admin --password=***** --classpath=/Users/kduling/foo
7 6: quit
8 7: start server --name=srv-sec2 --locators=pdx2-office-dhcp9.eng.vmware.com[10334] --user=admin --password=***** --classpath=/Users/kduling/foo
9 8: start server --name=srv-sec2 --locators=pdx2-office-dhcp9.eng.vmware.com[10334] --user=admin --password=***** --classpath=/Users/kduling/foo --port=40405
10 9: quit
11 10: history
{code}
# Default gfsh_history file and a new one written with --file also is redacted.
# We can't prevent users from using the --password parameter as a command-line option, but we can recommend against it. Other systems such as postgres, mysql, oracle, all suffer from this.
Made changes to suppress the password in the log file.
> gfsh user and password visible in clear text
> --------------------------------------------
>
> Key: GEODE-2119
> URL: https://issues.apache.org/jira/browse/GEODE-2119
> Project: Geode
> Issue Type: Bug
> Components: gfsh
> Reporter: Karen Smoler Miller
> Assignee: Kevin Duling
>
> Both gfsh connect and gfsh start server allow the specification on the command line of a user name and a password for use as credentials in authentication. Clear text versions of the user name and password are then visible
> 1. if the user runs gfsh history
> 2. in historyfile, if the user runs gfsh history --file=historyfile
> 3. in the output of ps
> It would be worth a check to see if clear text versions of the user or password end up in any locator or server logs. I don't believe it does for gfsh connect, but it might for the start server case.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)