Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4703755

keytool displays passwords as they are entered

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Duplicate
    • Icon: P3 P3
    • None
    • 1.4.0
    • security-libs
    • generic, x86
    • generic, solaris_9, windows_nt

      The keytool displays passwords as they are entered. This
      is considered very bad practice from a security point of view.

      Example:
      # keytool -import -alias patchsigning -file /opt/SUNWppro/etc/certs/patchsigningcert.b64 -keystore /usr/j2se/jre/lib/security/cacerts
      Enter keystore password: foobar
                                ^^^^^^

      # java -version
      java version "1.4.0_00"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0_00-b05)
      Java HotSpot(TM) Client VM (build 1.4.0_00-b05, mixed mode)
      # pkginfo -l SUNWj3rt
         PKGINST: SUNWj3rt
            NAME: J2SDK 1.4 runtime environment
        CATEGORY: system
            ARCH: sparc
         VERSION: 1.4.0,REV=2002.03.19.23.51
         BASEDIR: /usr
          VENDOR: Sun Microsystems, Inc.
            DESC: Java virtual machine and core class libraries
          PSTAMP: exactvm-sm19235127
        INSTDATE: May 06 2002 16:14
         HOTLINE: Please contact your local service provider
          STATUS: completely installed
           FILES: 644 installed pathnames
                        14 shared pathnames
                        65 directories
                        60 executables
                    107109 blocks used (approx)
      # uname -a
      SunOS sunhsc 5.9 Generic sun4u sparc SUNW,Ultra-60

            Unassigned Unassigned
            rkuehn Ronald Kuehn (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: