[jboss-jira] [JBoss JIRA] (WFLY-2097) The vault wants write access to the keystore even when not needed
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Wed Oct 23 05:30:02 EDT 2013
[ https://issues.jboss.org/browse/WFLY-2097?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-2097:
-----------------------------------
Assignee: Anil Saldhana (was: Darran Lofthouse)
> The vault wants write access to the keystore even when not needed
> -----------------------------------------------------------------
>
> Key: WFLY-2097
> URL: https://issues.jboss.org/browse/WFLY-2097
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Security
> Affects Versions: 8.0.0.Alpha4
> Reporter: Tom Fonteyne
> Assignee: Anil Saldhana
>
> security/src/main/java/org/jboss/as/security/vault/VaultSession.java
> want constant "write" access to the keystore. This is considered to be a security risk.
> We understand this was a requirement to allow upgrades to be done automatically but don't see why the write-access has to be permanent
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list