You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2012/04/27 13:46:29 UTC
[Bug 53139] Prevent showing keystore/truststore passwords via JMX in
cleartext (with solution)
https://issues.apache.org/bugzilla/show_bug.cgi?id=53139
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
I not convinced that there is a security problem to solve here. JMX access is
equivalent to full admin access and admins would be able to read those values
in server.xml anyway.
--
You are receiving this mail because:
You are the assignee for the bug.