[
https://issues.apache.org/jira/browse/CONNECTORS-486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13431746#comment-13431746
]
Karl Wright commented on CONNECTORS-486:
----------------------------------------
I looked at encryption export restrictions. It seems that as long as we
acknowledge that we are using encryption for this purpose in the notice file we
should be OK. If you can furthermore set things up so that the keys are
generated externally and simply provided as arguments to the operations that
need them, then we can leave it up to the user to generate an AES key of
whatever strength their software supports.
> Optionally export crawler configuration without passwords
> ---------------------------------------------------------
>
> Key: CONNECTORS-486
> URL: https://issues.apache.org/jira/browse/CONNECTORS-486
> Project: ManifoldCF
> Issue Type: Improvement
> Components: Framework agents process
> Reporter: Erlend GarĂ¥sen
> Assignee: Erlend GarĂ¥sen
> Priority: Minor
> Fix For: ManifoldCF 0.7
>
>
> The "org.apache.manifoldcf.crawler.ExportConfiguration" command class is
> exporting passwords, for instance to the configured Solr server (Solr Output
> Connector). This may be a security problem if the export file is
> version-controlled or placed on a public server.
> We should add an extra "no password" argument to the command class in order
> to skip such passwords.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
