[
https://issues.apache.org/jira/browse/LOG4J2-1896?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Remko Popma reopened LOG4J2-1896:
---------------------------------
The implementation seems only partially complete. {{StoreConfiguration}},
{{AbstractKeyStoreConfiguration}}, {{KeyStoreConfiguration}} and
{{TrustStoreConfiguration}} can still only be constructed with a String object
password. Calling {{toCharArray}} on this object does not help since the
original String object is still resident in memory.

To be more secure, the String object should never be created. All these
constructors should accept only a char[] array.

TBD:
* Can the char[] array be nulled out after successful authentication?
* Passwords are passed to Log4j as plaintext in configuration. This is a
security risk. People may be using system properties or environment variables
for this, but what is the "recommended" way?
> Update org.apache.logging.log4j.core.net.ssl.StoreConfiguration from a String
> to char[] to represent its password
> -----------------------------------------------------------------------------------------------------------------
>
> Key: LOG4J2-1896
> URL: https://issues.apache.org/jira/browse/LOG4J2-1896
> Project: Log4j 2
> Issue Type: Improvement
> Components: Configurators
> Reporter: Gary Gregory
> Assignee: Gary Gregory
> Fix For: 2.9
>
>
> Update {{org.apache.logging.log4j.core.net.ssl.StoreConfiguration}} from a
> {{String}} to {{char[]}} to represent its password.
> The goal is to reduce the security risk of using a String for a password. See
> https://stackoverflow.com/questions/8881291/why-is-char-preferred-over-string-for-passwords
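Added example, not part of the JIRA message and not Log4j code: a store password handled only as char[], decoded from a file without creating a String and overwritten once java.security.KeyStore.load has returned. The class and method names, the temporary password file, the "JKS" store type and the sample password are assumptions made for the illustration; the wipe is shown for the load call only, since key entries need a password again when they are read.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.util.Arrays;

public class CharArrayPasswordDemo {
    // Decode a password file into a char[] without an intermediate String.
    static char[] readPassword(Path file) throws IOException {
        byte[] raw = Files.readAllBytes(file);
        CharBuffer decoded = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(raw));
        char[] password = new char[decoded.remaining()];
        decoded.get(password);
        Arrays.fill(raw, (byte) 0);                 // wipe the temporary copies
        if (decoded.hasArray()) Arrays.fill(decoded.array(), '\0');
        return password;
    }

    // Load the store, then overwrite the caller's array whether or not load succeeded.
    static KeyStore loadAndWipe(byte[] storeBytes, char[] password) throws Exception {
        try {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(new ByteArrayInputStream(storeBytes), password);
            return ks;
        } finally {
            Arrays.fill(password, '\0');
        }
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample data: a temp password file and an empty JKS store.
        Path pwFile = Files.createTempFile("store", ".pw");
        Files.write(pwFile, new byte[] {'c', 'h', 'a', 'n', 'g', 'e', 'i', 't'});
        char[] setupPw = readPassword(pwFile);
        KeyStore empty = KeyStore.getInstance("JKS");
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, setupPw);
        Arrays.fill(setupPw, '\0');
        char[] password = readPassword(pwFile);
        KeyStore ks = loadAndWipe(out.toByteArray(), password);
        Files.delete(pwFile);
        System.out.println("entries=" + ks.size() + " wiped=" + (password[0] == '\0'));
    }
}
```

A value obtained through System.getProperty or System.getenv is already a String by the time the application sees it, so only sources that yield bytes or chars directly (a file, java.io.Console.readPassword) can follow this pattern.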