[jboss-jira] [JBoss JIRA] (SECURITY-771) Enable white-space in parameters for external password command
Ivo Studensky (JIRA)
jira-events at lists.jboss.org
Wed Dec 4 02:59:05 EST 2013
Ivo Studensky created SECURITY-771:
--------------------------------------
Summary: Enable white-space in parameters for external password command
Key: SECURITY-771
URL: https://issues.jboss.org/browse/SECURITY-771
Project: PicketBox
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: JBossSX
Affects Versions: PicketBox_4_0_19.Final
Reporter: Ivo Studensky
Assignee: Ivo Studensky
The current implementation of the loading the external password by a command uses Runtime.exec() which denies to pass a parameter which contains a white-space to the command, see {EXT} in org.jboss.security.Util#loadPassword(String).
It would be nice to provide a new implementation based on ProcessBuilder.
For example, various ssh-askpass implementations requires a parameter like 'Enter passphrase for ...'. Without the ability to directly pass such a parameter customers are pushed to create a "script in the middle" which makes their application unnecessarily complicated.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list