[jdk21u-dev] RFR: 8354469: Keytool exposes the password in plain text when command is piped using | grep [v2]
Goetz Lindenmaier
goetz at openjdk.org
Sun Feb 22 19:43:07 UTC 2026
> Edit of src/java.base/share/classes/sun/security/util/resources/security.properties
> applied to sun/security/util/Resources.java as
> "8345940: Migrate security-related resources from Java classes to properties files" not in 21.
>
>
> test/jdk/sun/security/util/Resources/Usages.java
> Trivial resolve as "8338411: Implement JEP 486: Permanently Disable the Security Manager" is not in 21.
>
> The new test jdk/sun/security/tools/keytool/EchoPassword.java fails for passwords with non-ascii characters.
> I think this is because many changes to pass the encoding around are missin in 21, especially https://bugs.openjdk.org/browse/JDK-8330276: Console methods with explicit Locale. Removed the part of the test using non-ascii.
Goetz Lindenmaier has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase.
-------------
Changes:
- all: https://git.openjdk.org/jdk21u-dev/pull/2617/files
- new: https://git.openjdk.org/jdk21u-dev/pull/2617/files/db4fdf7b..db4fdf7b
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk21u-dev&pr=2617&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk21u-dev&pr=2617&range=00-01
Stats: 0 lines in 0 files changed: 0 ins; 0 del; 0 mod
Patch: https://git.openjdk.org/jdk21u-dev/pull/2617.diff
Fetch: git fetch https://git.openjdk.org/jdk21u-dev.git pull/2617/head:pull/2617
PR: https://git.openjdk.org/jdk21u-dev/pull/2617
More information about the jdk-updates-dev
mailing list