Roberta Marton created TRAFODION-2049:
-----------------------------------------
Summary: Securely store passwords for Trafodion use.
Key: TRAFODION-2049
URL: https://issues.apache.org/jira/browse/TRAFODION-2049
Project: Apache Trafodion
Issue Type: Sub-task
Components: sql-security
Reporter: Roberta Marton
Today, passwords are stored in the clear in a config file while the
installation or upgrade is running. After the installation completes, the
passwords are removed. However, passwords still remain in the clear in the
temp config file used by installer - people have read access. This needs to be
fixed.
In addition, the Kerberos admin password is not saved but asked when needed to
secure install. This is painful because you need to watch for the prompt.
There needs to be a way to store passwords securely on the system and/or not
store passwords but ask for them every time. Perhaps using some encryption
algorithm to save passwords in a file that can be encrypted when needed.
Investigation into the best mechanism is needed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
