Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-771

Enable white-space in parameters for external password command

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • PicketBox_4_0_20.Final
    • PicketBox_4_0_19.Final
    • JBossSX
    • None

      The current implementation of the loading the external password by a command uses Runtime.exec() which denies to pass a parameter which contains a white-space to the command, see {EXT} in org.jboss.security.Util#loadPassword(String).
      It would be nice to provide a new implementation based on ProcessBuilder.

      For example, various ssh-askpass implementations requires a parameter like 'Enter passphrase for ...'. Without the ability to directly pass such a parameter customers are pushed to create a "script in the middle" which makes their application unnecessarily complicated.

              pskopek@redhat.com Peter Skopek
              istudens@redhat.com Ivo Studensky
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: