Yes, 2.1 was what I meant...

~Roger Whitcomb

-----Original Message-----
From: Gary Gregory [mailto:garydgreg...@gmail.com] 
Sent: Monday, July 08, 2013 5:52 PM
To: Commons Developers List
Subject: Re: [VFS] Passing around password as byte[] instead

On Mon, Jul 8, 2013 at 7:05 PM, Roger L. Whitcomb <roger.whitc...@actian.com
> wrote:

> Well, that's what .Net did with SecureString, and OpenSSL did as well.
> There is a longer discussion here:
> http://stackoverflow.com/questions/8881291/why-is-char-preferred-over-
> st
> ring-for-passwords
> that talks more about the pros and cons.
>
> The main reason I bring it up is that, even though it doesn't provide 
> *that much* extra security, providing some help at the API levels 
> seems better than doing nothing ...  It seems that, even though it 
> provides only minimal security, it is *still* considered best practice 
> to zero out password fields as soon as possible to minimize the 
> potential security risks.
>
> So, seeing that VFS 2.0 is not quite released yet, it seemed like a 
> good time to at least raise the question before the API is cast in stone.
>

2.0 has been out for a long time. 2.1 is ready for a release IMO.

Gary


>
> I'd be willing to take a crack at a patch to implement this change if 
> there was enough interest.
>
> Thanks,
> ~Roger
>
> -----Original Message-----
> From: Honton, Charles [mailto:charles_hon...@intuit.com]
> Sent: Monday, July 08, 2013 3:53 PM
> To: Commons Developers List
> Subject: Re: [VFS] Passing around password as byte[] instead
>
> Or maybe a Password class that's tailor designed to obsfucate and zero 
> contents...
>
> On 7/8/13 3:23 PM, "sebb" <seb...@gmail.com> wrote:
>
> >On 8 July 2013 23:05, Roger L. Whitcomb <roger.whitc...@actian.com>
> wrote:
> >> I had a thought that it would be more secure to pass password data 
> >> around in VFS as byte arrays instead of String objects so they 
> >> could less easily be found by memory dumpers/scanners.  This would 
> >> apply (for
> >> instance) to GenericFileName constructor and access methods, etc.
> >> Obviously, at some point, you have to convert to String (like in 
> >> "GenericFileName.appendCredentials"), but it seems like at least 
> >> some
>
> >> level of obfuscation, as in storing the data as bytes might be 
> >> useful
>
> >> to increase security.
> >
> >Another reason for using bytes is that the array can be zeroed out - 
> >or
>
> >replaced with fake password to fool hackers ;-) - once it has been 
> >used.
> >This is not possible with immutable strings.
> >
> >>
> >>
> >> Thoughts?  Thanks.
> >>
> >>
> >>
> >> ~Roger Whitcomb
> >>
> >> Apache Pivot PMC Chair
> >>
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> >For additional commands, e-mail: dev-h...@commons.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> For additional commands, e-mail: dev-h...@commons.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> For additional commands, e-mail: dev-h...@commons.apache.org
>
>


--
E-Mail: garydgreg...@gmail.com | ggreg...@apache.org Java Persistence with 
Hibernate, Second Edition<http://www.manning.com/bauer3/>
JUnit in Action, Second Edition <http://www.manning.com/tahchiev/>
Spring Batch in Action <http://www.manning.com/templier/>
Blog: http://garygregory.wordpress.com
Home: http://garygregory.com/
Tweet! http://twitter.com/GaryGregory

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org

Reply via email to