[jira] [Updated] (CASSANDRA-13428) Security: provide keystore_password_file and truststore_password_file options

[Stefan Miklosovic (Jira)]

     [ 
https://issues.apache.org/jira/browse/CASSANDRA-13428?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Miklosovic updated CASSANDRA-13428:
------------------------------------------
          Fix Version/s: 5.1
    Source Control Link: 
https://github.com/apache/cassandra/commit/37fe4b679c28234de3ee2ac0694118d5be570300
             Resolution: Fixed
                 Status: Resolved  (was: Ready to Commit)

> Security: provide keystore_password_file and truststore_password_file options
> -----------------------------------------------------------------------------
>
>                 Key: CASSANDRA-13428
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13428
>             Project: Apache Cassandra
>          Issue Type: Improvement
>          Components: Feature/Encryption, Local/Config
>            Reporter: Bas van Dijk
>            Assignee: Maulin Vasavada
>            Priority: Normal
>             Fix For: 5.1
>
>   Original Estimate: 3h
>          Time Spent: 3h 50m
>  Remaining Estimate: 0h
>
> Currently passwords are stored in plaintext in the configuration file as in:
> {code}
>     server_encryption_options:
>       keystore_password: secret
>       truststore_password: secret
>     client_encryption_options:
>       keystore_password: secret
> {code}
> This has the disadvantage that, in order to protect the secrets, the whole 
> configuration file needs to have restricted ownership and permissions. This 
> is problematic in operating systems like NixOS where configuration files are 
> usually stored in world-readable locations.
> A secure option would be to store secrets in files (with restricted ownership 
> and permissions) and reference those files from the unrestricted 
> configuration file as in for example:
> {code}
>     server_encryption_options:
>       keystore_password_file: /run/keys/keystore-password
>       truststore_password_file: /run/keys/truststore-password
>     client_encryption_options:
>       keystore_password_file: /run/keys/keystore-password
> {code}
> This is trivial to implement and provides a big gain in security.
> So in summary I'm proposing to add the {{keystore_password_file}} and 
> {{truststore_password_file}} options besides the existing 
> {{keystore_password}} and {{truststore_password options}}. The former will 
> take precedence over the latter.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org