[jira] [Commented] (QPID-4013) Windows Broker SSL is more difficult to use than necessary and possibly less secure than possible

Mon, 21 May 2012 15:07:44 -0700 

    [ 
https://issues.apache.org/jira/browse/QPID-4013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280539#comment-13280539
 ] 

Andrew Stitcher commented on QPID-4013:
---------------------------------------

It would be better to always open the certificate store readonly.

The default certificate store should be the usual default, CurrentUser, which 
wouldn't be visible to other users on the machine.

However I suggest that the certificate store used should be configurable for 
flexibility and backwards compatibility. It would also make sense to allow 
CurrentService as an option as running qpidd as a service is now possible.

                
> Windows Broker SSL is more difficult to use than necessary and possibly less 
> secure than possible
> -------------------------------------------------------------------------------------------------
>
>                 Key: QPID-4013
>                 URL: https://issues.apache.org/jira/browse/QPID-4013
>             Project: Qpid
>          Issue Type: Improvement
>          Components: C++ Broker
>    Affects Versions: 0.14, 0.16, 0.17
>         Environment: Windows
>            Reporter: Andrew Stitcher
>            Assignee: Andrew Stitcher
>            Priority: Minor
>             Fix For: 0.17
>
>
> The current Windows Broker SSL code always uses the LocalMachine certificate 
> store opened read/write. This has a number of drawbacks:
> * Opening read/write means that the broker has to run as administrator to use 
> the certificates in the store. The broker only reads from the store so this 
> is actually unnecessary.
> * Forcing use of LocalMachine for the certificates means that they are 
> readable by every user on the machine which might be a security issue. As it 
> would allow any process on the machine to impersonate the qpid broker.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to