Details
- Improvement
- Status: Open
- Normal
- Resolution: Unresolved
Description
Currently passwords are stored in plaintext in the configuration file as in:
server_encryption_options:
  keystore_password: secret
  truststore_password: secret
client_encryption_options:
  keystore_password: secret
This has the disadvantage that, in order to protect the secrets, the whole configuration file needs to have restricted ownership and permissions. This is problematic in operating systems like NixOS where configuration files are usually stored in world-readable locations.
A secure option would be to store secrets in files (with restricted ownership and permissions) and reference those files from the unrestricted configuration file as in for example:
server_encryption_options:
  keystore_password_file: /run/keys/keystore-password
  truststore_password_file: /run/keys/truststore-password
client_encryption_options:
  keystore_password_file: /run/keys/keystore-password
This is trivial to implement and provides a big gain in security.
So in summary I'm proposing to add the keystore_password_file and truststore_password_file options besides the existing keystore_password and truststore_password options. The former will take precedence over the latter.
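The precedence rule proposed above, sketched as an added Java example; it is not part of the issue and not Cassandra code. `PasswordResolver` and `resolve` are hypothetical names, and the refusal of world-accessible secret files and the stripping of a trailing newline are assumptions of this sketch, which also assumes a POSIX file system.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.*;

// Added illustration; PasswordResolver is a hypothetical helper, not Cassandra code.
public final class PasswordResolver {
    // Assumption of this sketch: a secret file must not be accessible to "others".
    private static final Set<PosixFilePermission> TOO_OPEN = EnumSet.of(
        PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE);

    /** Returns the content of passwordFile if it is set, else the inline value (may be null). */
    public static String resolve(String inlinePassword, String passwordFile) throws IOException {
        if (passwordFile == null || passwordFile.isEmpty())
            return inlinePassword;                 // existing plaintext option as fallback
        Path path = Paths.get(passwordFile);
        // A world-readable secret file would defeat the purpose of the option.
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(path);
        if (!Collections.disjoint(perms, TOO_OPEN))
            throw new IOException(passwordFile + " must not be readable or writable by others");
        String content = new String(Files.readAllBytes(path), StandardCharsets.UTF_8);
        // Secret files are often written with a trailing newline; strip line terminators only.
        return content.replaceAll("[\\r\\n]+$", "");
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temp file standing in for /run/keys/keystore-password.
        Path secret = Files.createTempFile("keystore-password", null);
        Files.setPosixFilePermissions(secret,
            EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE));
        Files.write(secret, "from-file\n".getBytes(StandardCharsets.UTF_8));

        // Both options set: the file wins over the inline value.
        System.out.println(resolve("secret", secret.toString()));
        // Only the inline option set: the existing behaviour is kept.
        System.out.println(resolve("secret", null));

        // Loosened permissions: the file is refused instead of silently used.
        Files.setPosixFilePermissions(secret,
            EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OTHERS_READ));
        try {
            resolve("secret", secret.toString());
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        Files.delete(secret);
    }
}
```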
Issue Links
- relates to CASSANDRA-18508 Make JMX SSL to be configured in cassandra.yaml (Resolved)