RFR: 8354469: Keytool exposes the password in plain text when command is piped using | grep [v3]
Francesco Andreuzzi
fandreuzzi at openjdk.org
Wed Sep 10 19:39:43 UTC 2025
On Wed, 10 Sep 2025 17:33:05 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Allow password hiding even if there is no `System.console`. A manual test is included.
>
> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>
> - Merge branch 'master' into 8354469
> - decouple PassFailJFrame.java change; simplify code flow
> - the fix
src/java.base/share/classes/sun/security/util/Password.java line 167:
> 165: if (c1 != null) {
> 166: return c1.readPassword();
> 167: } else {
The `else` clause is not needed, you could save an indentation level
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27196#discussion_r2337724730
More information about the client-libs-dev
mailing list