--- [EMAIL PROTECTED] wrote:
> stevel 2005/02/07 15:51:01
>
> Modified: docs/manual/CoreTasks signjar.html
> Log:
> This is actually a serious issue. If I have a
> login on a machine, I can get the keystore password
> by waiting for someone to sign a JAR on it. We can
> fix this, either by running jarsigner in VM, or by
> passing the input over stdio.

I would opt for the latter. It should be as easy as using it for the input on the helper ExecTask, right? What I would actually do here is add an attribute to

> > Revision Changes Path > 1.13 +7 -0 > ant/docs/manual/CoreTasks/signjar.html > > Index: signjar.html > > =================================================================== > RCS file: > /home/cvs/ant/docs/manual/CoreTasks/signjar.html,v > retrieving revision 1.12 > retrieving revision 1.13 > diff -u -r1.12 -r1.13 > --- signjar.html 26 Nov 2004 09:52:06 -0000 1.12 > +++ signjar.html 7 Feb 2005 23:51:01 -0000 1.13 > @@ -16,6 +16,13 @@ > its modification date is used as a cue as to > whether to resign any JAR file. > </p> > > +<p> > +<b>Security warning</b>. This task forks the > <tt>jarsigner</tt> executable > +(which must of course be on the path). The store > password is passed in on > +the command line, so visible in Unix to anyone > running <tt>ps -ef</tt> > +on the same host, while signing takes place. Only > sign on a secured system. > +</p> > + > <h3>Parameters</h3> > <table border="1" cellpadding="2" > cellspacing="0"> > <tr>
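
Review bot: the last sentence of the added warning paragraph in signjar.html, `Only sign on a secured system`, does not tell the reader what to check before running the task. Suggest stating the condition in the terms the paragraph already uses, for example a host on which no other user can log in and list processes while signing takes place. The parenthetical `(which must of course be on the path)` is a setup requirement rather than part of the risk; moving it to its own sentence outside the warning would keep the warning about the password only.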
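
The exposure described in the commit log, next to the stdin alternative the reply prefers, as an added example that is not part of the original thread or of Ant's code. It starts a stand-in child process (not jarsigner) both ways and reads back the argument list another local user would see; it assumes Linux with /proc mounted, and `SECRET`, `CHILD`, `run_child`, `cmdline_of` and `leaks` are names constructed for illustration.

```python
import subprocess
import sys
from pathlib import Path

SECRET = "constructed-store-pass"  # constructed sample value, not a real password

# Stand-in for the forked signer (assumption: not jarsigner itself).
# It always waits for one line on stdin, so it stays alive while the parent
# inspects it, then takes the password from argv if present, else from stdin.
CHILD = (
    "import sys\n"
    "line = sys.stdin.readline().rstrip('\\n')\n"
    "pw = sys.argv[1] if len(sys.argv) > 1 else line\n"
    "print(len(pw))\n"
)


def cmdline_of(pid):
    """Argument list of a running process as exposed by /proc (what ps shows)."""
    raw = Path(f"/proc/{pid}/cmdline").read_bytes()
    return [arg.decode() for arg in raw.split(b"\0") if arg]


def run_child(secret, via_stdin):
    """Run the stand-in child; return (argv an observer saw, password length it got)."""
    argv = [sys.executable, "-c", CHILD] + ([] if via_stdin else [secret])
    proc = subprocess.Popen(argv, stdin=subprocess.PIPE,
                            stdout=subprocess.PIPE, text=True)
    seen = cmdline_of(proc.pid)  # snapshot taken while the child blocks on stdin
    out, _ = proc.communicate((secret if via_stdin else "") + "\n")
    return seen, int(out)


def leaks(secret, seen):
    """True if the secret appears in any argument visible to other users."""
    return any(secret in arg for arg in seen)


if __name__ == "__main__":
    for via_stdin in (False, True):
        seen, received = run_child(SECRET, via_stdin)
        mode = "stdin" if via_stdin else "argv"
        print(f"{mode}: child received {received} chars, "
              f"visible in process list: {leaks(SECRET, seen)}")
```
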