mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: c760c3 | patch | commitdiff
jvergara
24.53.2007 ceb40381287fda71eec0f4c7004e4acdd17dd570
refs
author jvergara <jvergara@localhost>
Tuesday, April 24, 2007 15:53 +0200
committer jvergara <jvergara@localhost>
Tuesday, April 24, 2007 15:53 +0200
commitceb40381287fda71eec0f4c7004e4acdd17dd570
tree 882a0db87f950c40e81d5f2227503804209d81b8 tree | zip | gz
parent c760c3566a0f8d34bde8e978b94d89b61f2cd349 view | diff 
Avoid a security hole caused because CertificateManager class was calling Runtime.exec and providing some passwords in clear.  The modifications in the code use the OuputStream of the process that is generated to pass the password.  The resulting code depends has been tested using JDK 1.5 and 1.6 on Solaris sparc, Windows XP and Linux 2.4.7.
1 files modified
109 ■■■■ changed files
opendj-sdk/opends/src/server/org/opends/server/util/CertificateManager.java 109 ●●●● diff | view | raw | blame | history