Chris,

I am not sure I buy your argument that because there is somewhere else
in an implementation that is as insecure as a cleartext password, then
there is no point in fixing the cleartext password issue. With this
argument, we would never care about fixing any security holes, because
one can always find a new security hole to exploit. Plus, well, the
assumption that someone is using a password-less key with Apache
running with SSL is pretty weak, because there are ways to avoid using
a password-less key.

As far as the UNIX password analogy, Tomcat may be seen as a user, not
UNIX, but it still performs authentication. So in my mind, it is
filling in for both roles (UNIX and user). I have the impression that
using MD5/SHA hashing would be a good option, because it would be
simple, would not require any additional key, and would provide some
sense of security. Not the silver lining, but better than cleartext, for
sure.

Martin

On 5/1/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:

Martin,

Martin Dubuc wrote:
> But it strikes me that Tomcat
> is the only application I know where passwords are stored in clear
> text.

I'll bet that Tomcat is the only application that needs to know its own
passwords. Do you have Apache running with SSL? Where do you store the
password for the SSL key? I'll bet that you have a password-less key,
which is just about the same as a cleartext password lying around.

> Why wouldn't we at least store the MD5 hash of the passwords
> instead of the password in clear text, or use a scheme similar to the
> Unix /etc/passwd file?

Because UNIX password files are used to authenticate a user typing their
password. In this analogy, Tomcat isn't UNIX, Tomcat is /the user/.

-chris

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
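
The two roles argued over in this thread (an application verifying a password someone types, and an application presenting its own password to another service), as an added example that is not part of the original messages. The `Backend` class and all passwords are constructed for illustration, and salted PBKDF2-HMAC-SHA256 stands in for the bare MD5/SHA hashing mentioned in the thread.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this illustration


def make_record(password):
    """Verifier side: store only (salt, derived key), never the password."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify(record, candidate):
    """Re-derive the key from the typed candidate and compare in constant time."""
    salt, expected = record
    derived = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, ITERATIONS)
    return hmac.compare_digest(derived, expected)


class Backend:
    """Hypothetical remote service that authenticates the application."""

    def __init__(self, password):
        self._record = make_record(password)

    def login(self, presented):
        return verify(self._record, presented)


def demo():
    # Role 1: the application is the verifier (the /etc/passwd case).
    # A stored hash is enough to check what a user types.
    user_record = make_record("user-pass-constructed")
    verifier_accepts = verify(user_record, "user-pass-constructed")
    verifier_rejects = not verify(user_record, "wrong-guess")

    # Role 2: the application is the client and must present the secret.
    backend = Backend("svc-pass-constructed")
    client_with_plaintext = backend.login("svc-pass-constructed")
    # A client that kept only a digest of its own password has nothing
    # the backend will accept: the digest is not the password.
    digest_only = hashlib.sha256(b"svc-pass-constructed").hexdigest()
    client_with_digest = backend.login(digest_only)

    return verifier_accepts, verifier_rejects, client_with_plaintext, client_with_digest


if __name__ == "__main__":
    print(demo())
```
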


