[jboss-jira] [JBoss JIRA] (WFLY-8196) CS tool, invalid options are accepted
Martin Choma (JIRA)
issues at jboss.org
Wed Feb 22 07:38:00 EST 2017
Martin Choma created WFLY-8196:
----------------------------------
Summary: CS tool, invalid options are accepted
Key: WFLY-8196
URL: https://issues.jboss.org/browse/WFLY-8196
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Critical
Currently, if I provide an invalid option (e.g. --option_does_not_exists), it is accepted (ignored) and the command is performed
{code}
[mchoma at localhost bin]$ java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret supersecretpassword --location="/tmp/test.store" --uri "cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS" --password mycspassword --salt 12345678 --iteration 230 --summary --option_does_not_exists
Alias "myalias" has been successfully stored
Credential store command summary:
--------------------------------------
/subsystem=elytron/credential-store=test:add(uri="cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="MASK-uNWeyrmbByBEjgZM1FAPQW==;12345678;230"})
{code}
It will be safer if the command fails instead. It will guard users from an unintentional command being performed.
{code}
[mchoma at localhost bin]$ java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret supersecretpassword --location="/tmp/test.store" --uri "cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS" --password mycspassword --salt 12345678 --iteration 230 --summary --option_does_not_exists
wildfly-elytron-tool: invalid option -- 'option_does_not_exists'
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
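An added example, not part of the original report and not the tool's own code: one way for a Java command-line front end to reject unknown options before any credential store is touched. It assumes Apache Commons CLI as the parser (the report does not say which parser the tool uses); the class name and option arities are assumptions, while the option names are taken from the command line in the report.

```java
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.DefaultParser;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.apache.commons.cli.UnrecognizedOptionException;

public class StrictCredentialStoreArgs { // hypothetical class name
    // Option names come from the report; which ones take a value is assumed.
    static Options options() {
        Options o = new Options();
        for (String name : new String[] {
                "add", "secret", "location", "uri", "password", "salt", "iteration"}) {
            o.addOption(Option.builder().longOpt(name).hasArg().build());
        }
        o.addOption(Option.builder().longOpt("summary").build());
        return o;
    }

    // Validates the whole command line first; throws before any side effect.
    static CommandLine parseStrict(String[] args) throws ParseException {
        // stopAtNonOption=false: an unknown "--x" raises UnrecognizedOptionException.
        // With true, parsing would stop there and the token would be kept
        // silently as a leftover argument instead.
        CommandLine cmd = new DefaultParser().parse(options(), args, false);
        // Stray positional arguments are refused as well.
        if (!cmd.getArgList().isEmpty()) {
            throw new ParseException("unexpected argument(s): " + cmd.getArgList());
        }
        return cmd;
    }

    public static void main(String[] args) {
        // Constructed sample input mirroring the shape of the reported command.
        String[] sample = {"--add", "myalias", "--secret", "example-secret",
                "--location=/tmp/test.store", "--summary", "--option_does_not_exists"};
        try {
            CommandLine cmd = parseStrict(args.length > 0 ? args : sample);
            // Only reached when every option is known: the store may be opened now.
            System.out.println("options valid, alias: " + cmd.getOptionValue("add"));
        } catch (UnrecognizedOptionException e) {
            String name = e.getOption().replaceFirst("^-+", "");
            System.err.println("wildfly-elytron-tool: invalid option -- '" + name + "'");
            System.exit(1);
        } catch (ParseException e) {
            System.err.println("wildfly-elytron-tool: " + e.getMessage());
            System.exit(1);
        }
    }
}
```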