[wsas-java-dev] Security improvements to WSAS
James Clark
james at wso2.com
Tue Feb 6 00:11:09 PST 2007
On Tue, 2007-02-06 at 13:24 +0530, Afkham Azeez wrote:
> We have a non-interactive startup mode. At the moment, we need to export
> JAVA_OPTS="-Dwso2wsas.admin.password=xyz" before starting up WSAS. Then
> the during startup WSAS will not prompt you for a password.
>
> Another thing we can do is;
>
> ./wso2wsas.sh --admin-password xyz
Putting passwords (or any sensitive data) on the command-line is a
security hole on Linux/Unix: an unprivileged user can see the
command-line used by any user (including the root user).
James
More information about the Wsas-java-dev
mailing list