[
http://jira.codehaus.org/browse/MNG-4099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=236639#action_236639
]
Julien Nicoulaud commented on MNG-4099:
---------------------------------------
It is a security issue too, passing passwords in the command line is not secure
as one could browse shell history afterwards. Most commands such as ssh do not
allow it.
> Password encryption CLI switches should prompt for password if missing
> ----------------------------------------------------------------------
>
> Key: MNG-4099
> URL: http://jira.codehaus.org/browse/MNG-4099
> Project: Maven 2 & 3
> Issue Type: Improvement
> Components: Command Line
> Affects Versions: 2.1.0
> Reporter: Mark Hobson
> Priority: Trivial
> Fix For: 3.x / Backlog
>
>
> The -emp and -ep CLI switches should prompt for a password if the user omits
> it. This would help to avoid having to escape shell characters in strong
> passwords.
> Note that the docs mention that these switches prompt for a password when
> they do not:
> http://maven.apache.org/guides/mini/guide-encryption.html
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
