maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brett Porter (JIRA)" <j...@codehaus.org>
Subject [jira] Closed: (MNG-4928) mvn --encrypt-master-password is insecure
Date Wed, 08 Dec 2010 12:48:58 GMT

     [ http://jira.codehaus.org/browse/MNG-4928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brett Porter closed MNG-4928.
-----------------------------

    Resolution: Duplicate
      Assignee: Brett Porter

> mvn --encrypt-master-password is insecure
> -----------------------------------------
>
>                 Key: MNG-4928
>                 URL: http://jira.codehaus.org/browse/MNG-4928
>             Project: Maven 2 & 3
>          Issue Type: Bug
>          Components: Command Line
>    Affects Versions: 2.2.1, 3.0, 3.0.1
>            Reporter: Greg Wilkins
>            Assignee: Brett Porter
>
> gregw@Brick: ~
> [506] mvn --encrypt-master-password something-very-very-secret
> {zfC2klZItekHCPGwE+R0JZ2+RjyDlqxP343ThV0R3B5taWEHbI5t+QGfXOZ0mq9j}
> gregw@Brick: ~
> [507] history 2
>   506  mvn --encrypt-master-password something-very-very-secret
>   507  history 2
> commands that take passwords should not accept them from the command line, as they are
then visible in history and even in some PS output. They should prompt for passwords with
echo turned off.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message