[
https://issues.apache.org/jira/browse/SOLR-10076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15923998#comment-15923998
]
ASF subversion and git services commented on SOLR-10076:
--------------------------------------------------------
Commit ddda27e4deab45b9a6bfec8d61319b00f88e27f6 in lucene-solr's branch
refs/heads/master from [~cpoerschke]
[ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=ddda27e ]
SOLR-10076: 'String.format(Locale.ROOT,...' instead of (forbidden API)
'String.format(...)'
> Hiding keystore and truststore passwords from /admin/info/* outputs
> -------------------------------------------------------------------
>
> Key: SOLR-10076
> URL: https://issues.apache.org/jira/browse/SOLR-10076
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Mano Kovacs
> Assignee: Mark Miller
> Attachments: SOLR-10076.patch, SOLR-10076.patch
>
>
> Passing keystore and truststore password is done by system properties, via
> cmd line parameter.
> As result, {{/admin/info/properties}} and {{/admin/info/system}} will print
> out the received password.
> Proposing solution to automatically redact value of any system property
> before output, containing the word {{password}}, and replacing its value with
> {{******}}.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
