RFR: 8354469: Keytool exposes the password in plain text when command is piped using | grep [v3]
Weijun Wang
weijun at openjdk.org
Wed Sep 10 19:58:55 UTC 2025
On Wed, 10 Sep 2025 19:36:54 GMT, Francesco Andreuzzi <fandreuzzi at openjdk.org> wrote:
>> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Merge branch 'master' into 8354469
>> - decouple PassFailJFrame.java change; simplify code flow
>> - the fix
>
> src/java.base/share/classes/sun/security/util/Password.java line 167:
>
>> 165: if (c1 != null) {
>> 166: return c1.readPassword();
>> 167: } else {
>
> The `else` clause is not needed, you could save an indentation level
The indentation is not very deep, and I actually like the symmetry between 2 different kind of "consoles". As long as there is no performance gain, I'll keep my style.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27196#discussion_r2337761565
More information about the client-libs-dev
mailing list