[
https://issues.apache.org/jira/browse/JSPWIKI-205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14161748#comment-14161748
]
Glen Mazza commented on JSPWIKI-205:
------------------------------------
I don't know enough about encryption to know how degraded encryption would be
with a hardcoded salt value but that looks like a code smell to be hardcoding
it. I would prefer a stop-the-presses, halt JSPWiki exception if you try to
activate encryption without properly setting the salt value or other
secure/sensitive values such as passwords. Someone who doesn't know how to
create a correct salt value has no business trying to activate the JSPWiki
encryption. We can someday document on our Wiki how to create salt values
(preferably link to some other place that explains it well), but until then the
dev needs to know his stuff.
What you call the "administrator" is frequently just a programming grunt who
only cares about reporting back to his technically clueless manager that the
pages are encrypted. It's perhaps usually not the grunt's data that is being
compromised (so he is less concerned), but possibly yours or my data, so
JSPWiki should have some built-in safeguards to protect against "lazy"
developers compromising other people's data due to haphazard encryption
configuration.
On the other hand, what if the developer puts in a 0 or a 1 for the salt value,
or some similar value that makes (?) encryption meaningless? If you know
enough about the proper structure of salt values, a further sanity check that
the salt value is something usable--say minimum length--might be nice to add.
By the way, thanks for your work so far on this project.
> Obfuscate on disk content type
> ------------------------------
>
> Key: JSPWIKI-205
> URL: https://issues.apache.org/jira/browse/JSPWIKI-205
> Project: JSPWiki
> Issue Type: Improvement
> Components: Core & storage
> Reporter: Chris Lialios
> Priority: Trivial
> Attachments: BasicOverview.doc, EncryptingProviderSource.zip,
> encryption.patch, encryption.patch, encryption.patch, encryption.patch
>
>
> We would like to store passwords within the wiki pages.
> Securing the page is trivial, however the contents on disk remain clear text.
> It would be very nice to have a page type that could be stored in an
> obfuscated form on disk.
> As an addition have a secondary password to display/edit the encrypted
> contents on disk for those who do not want to use wiki security on the page.
> I suspect this will have potentially drastic effects on the revisions
> process, but it would be a small price to pay for security.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
