On Mon, 13 Aug 2001, Christopher Cain wrote:

> I'm in the process of cleaning up the 4.0 SSLServerSocketFactory, and it
> occurs to me that I find the getKeystorePass method offensive. There
> should never be any reason to retrieve the keystore password once it's
> set, and it makes me uncomfortable having the method there. I'm not sure
> if it could somehow be called from a webapp,

It cannot.

> but it could certainly be
> called from a malicious module.

It can.

> Even simpler, a single startup class
> could be modified to echo the password to either sysout or a logfile. If
> I'm working on a module to allow administrators to remove the password
> from server.xml, this method becomes a security hole.
> 

Let me double check that there are no dependencies in the J2EE RI -- I don't
think there are, but ...

> Anyone care if I remove this method? It's not currently being called
> from anywhere, and I can't think of a legitimate use for it. There
> should never be a way to display passwords in any system.
> 
> Can I fix this in 3.3 as well?
> 
> Your resident paranoid security freak,
> 
> Christopher
> 

Craig
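
A write-only handling of the keystore password, along the lines proposed in the message above. This is an added example, not part of the original thread and not Tomcat's code; the class `WriteOnlyKeystoreConfig`, its methods, and the sample password are hypothetical.

```java
import java.io.*;
import java.security.KeyStore;
import java.util.Arrays;
import javax.net.ssl.*;

// Hypothetical class for illustration; not Tomcat's SSLServerSocketFactory.
public final class WriteOnlyKeystoreConfig {
    private char[] keystorePass;   // set-only: there is deliberately no getter

    // Keep a private copy so the caller can wipe its own array afterwards.
    public void setKeystorePass(char[] pass) {
        clear();
        keystorePass = pass.clone();
    }

    // Uses the password once to build the factory, then wipes the stored copy.
    public SSLServerSocketFactory build(InputStream keystore) throws Exception {
        if (keystorePass == null) throw new IllegalStateException("password not set");
        try {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(keystore, keystorePass);
            KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, keystorePass);
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(kmf.getKeyManagers(), null, null);
            return ctx.getServerSocketFactory();
        } finally {
            clear();   // runs on success and on failure
        }
    }

    private void clear() {
        if (keystorePass != null) Arrays.fill(keystorePass, '\0');
        keystorePass = null;
    }

    public static void main(String[] args) throws Exception {
        char[] pass = "constructed-demo-pass".toCharArray();  // constructed sample value
        KeyStore empty = KeyStore.getInstance("PKCS12");       // in-memory keystore, no file needed
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, pass);
        WriteOnlyKeystoreConfig cfg = new WriteOnlyKeystoreConfig();
        cfg.setKeystorePass(pass);
        System.out.println(cfg.build(new ByteArrayInputStream(out.toByteArray())) != null);
    }
}
```

Holding the password as a `char[]` and wiping it in `finally` shortens the time it sits in memory; a second call to `build` requires setting the password again.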

