[jdk21u-dev] RFR: 8354469: Keytool exposes the password in plain text when command is piped using | grep
Goetz Lindenmaier
goetz at openjdk.org
Fri Feb 20 09:59:39 UTC 2026
On Thu, 19 Feb 2026 14:15:30 GMT, Ralf Schmelter <rschmelter at openjdk.org> wrote:
> Regarding the manual EchoPassword test, you could check for the readPassword() method taking a locale in Console and if not found don't include the instructions for the last two tests (if any poor soul really does them manually).
Hi,
Well, this would make the test fit in case the other changes are backported. But that's quite unlikely as they require CSR etc. i.e. do intrusive changes. And it won't improve security if they are backported. So I just removed the test parts.
-------------
PR Comment: https://git.openjdk.org/jdk21u-dev/pull/2617#issuecomment-3932748577