[Pki-devel] [PATCH] 193 Reorganized sensitive parameters.
Endi Sukma Dewata
edewata at redhat.com
Wed Nov 28 16:07:43 UTC 2012
Previously sensitive parameters are stored in the Sensitive section in
the configuration file, separate from the hierarchical structure used
by non-sensitive parameters. To allow defining multiple subsystems in
a single configuration file the sensitive and non-sensitive parameters
have been reorganized into the same hierarchical structure.
To maintain the security a new meta-parameter has been added to list
all sensitive parameter names. This way the deployment code will know
whether a parameter is sensitive, which then will mask the value before
displaying it to the screen or storing it in a log file.
Ticket #399
Also attached is a patch to update IPA's configuration code.
--
Endi S. Dewata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-edewata-0193-Reorganized-sensitive-parameters.patch
Type: text/x-patch
Size: 46633 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20121128/ab768fa3/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-edewata-0350-Configuring-CA-with-ConfigParser.patch
Type: text/x-patch
Size: 9556 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20121128/ab768fa3/attachment-0001.bin>
More information about the Pki-devel
mailing list