You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Bas van Dijk (JIRA)" <ji...@apache.org> on 2017/04/08 13:07:41 UTC
[jira] [Created] (CASSANDRA-13428) Security: provide
keystore_password_file and truststore_password_file options
Bas van Dijk created CASSANDRA-13428:
----------------------------------------
Summary: Security: provide keystore_password_file and truststore_password_file options
Key: CASSANDRA-13428
URL: https://issues.apache.org/jira/browse/CASSANDRA-13428
Project: Cassandra
Issue Type: Improvement
Components: Configuration
Reporter: Bas van Dijk
Currently passwords are stored in plaintext in the configuration file as in:
server_encryption_options:
keystore_password: secret
truststore_password: secret
client_encryption_options:
keystore_password: secret
This has the disadvantage that, in order to protect the secrets, the whole configuration file needs to have restricted ownership and permissions. This is problematic in operating systems like NixOS where configuration files are usually stored in world-readable locations.
A secure option would be to store secrets in files (with restricted ownership and permissions) and reference those files from the unrestricted configuration file as in for example:
server_encryption_options:
keystore_password_file: /run/keys/keystore-password
truststore_password_file: /run/keys/truststore-password
client_encryption_options:
keystore_password_file: /run/keys/keystore-password
This is trivial to implement and provides a big gain in security.
So in summary I'm proposing to add the keystore_password_file and truststore_password_file options besides the existing keystore_password and truststore_password options. The former will take precedence over the latter.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)