[CONNECTORS-1327] Put obfuscation password in an external file - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: ManifoldCF 2.4
Fix Version/s: ManifoldCF next
Component/s: Framework core
Labels:
- security

Flags:

Patch

Description

It seems that the obfuscation tool uses a symmetric encoding with password and salt to obfuscate/deobfuscate passwords. I can see that there is a way to change the salt with a property, but it seems that the password is hardcoded in the source code.In order to try to improve security in MCF, I would like to be able to store the password (that is currently hardcoded) used for obfuscation in a specific configuration file. The aim of this approach is to be able to change it but also to be able to add specific linux access right on it.

Attachments

Activity

People

Assignee:: Karl Wright

Reporter:: Aurélien

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Jul/16 14:12

Updated:: 05/Apr/17 12:05