[jira] [Updated] (GEODE-503) Geode can leak SSL keystore password via the log file

Vincent Ford (JIRA) Tue, 27 Oct 2015 10:27:13 -0700

     [ 
https://issues.apache.org/jira/browse/GEODE-503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vincent Ford updated GEODE-503:
-------------------------------
    Attachment: AbstractConfigJUnitTest.java

Unit test that shows the area that has issues. 

> Geode can leak SSL keystore password via the log file
> -----------------------------------------------------
>
>                 Key: GEODE-503
>                 URL: https://issues.apache.org/jira/browse/GEODE-503
>             Project: Geode
>          Issue Type: Bug
>          Components: core
>            Reporter: Vincent Ford
>         Attachments: AbstractConfigJUnitTest.java
>
>
> KeyStore password can be leaked via the log file, as this may get printed and 
> is unintended. This could cause a security issue for some users by leaking 
> information that could allow access to the keystore holding the SSL 
> certificate used to validate connections between members. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (GEODE-503) Geode can leak SSL keystore password via the log file

Reply via email to