[
https://issues.apache.org/jira/browse/ZOOKEEPER-3197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated ZOOKEEPER-3197:
-------------------------------------------
Description:
A security scan flagged the use of a hard-coded secret
(ZooKeeperServer.superSecret) in conjunction with a Java Random instance to
generate a password:
byte[] generatePasswd(long id)
{
    Random r = new Random(id ^ superSecret);
    byte p[] = new byte[16];
    r.nextBytes(p);
    return p;
}
superSecret has the following javadoc:
/**
* This is the secret that we use to generate passwords, for the moment it
* is more of a sanity check.
*/
It is unclear from this comment and from looking at the code why it is not a
security risk. Updating the javadoc along the lines of "Using
a hard-coded secret with Random to generate a password is not a security risk
because the resulting passwords are used for X, Y, Z and not for authentication
etc" or something similar would be very helpful for anyone else looking at the code.
was:
A security scan flagged the use of a hard-coded secret
(ZooKeeperServer.superSecret) in conjunction with a Java Random instance to
generate a password:
byte[] generatePasswd(long id)
{
Random r = new Random(id ^ superSecret);
byte p[] = new byte[16];
r.nextBytes(p);
return p;
}
superSecret has the following javadoc:
/**
* This is the secret that we use to generate passwords, for the moment it
* is more of a sanity check.
*/
It is unclear from this comment and from looking at the code why it is not a
security risk. Updating the javadoc along the lines of "Using
a hard-coded secret with Random to generate is not a security risk because the
resulting passwords are used for X and not for authentication" or something
similar would be very helpful for anyone else looking at the code.
> Improve documentation in ZooKeeperServer.superSecret
> ----------------------------------------------------
>
> Key: ZOOKEEPER-3197
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3197
> Project: ZooKeeper
> Issue Type: Task
> Reporter: Colm O hEigeartaigh
> Priority: Trivial
>
> A security scan flagged the use of a hard-coded secret
> (ZooKeeperServer.superSecret) in conjunction with a Java Random instance to
> generate a password:
> byte[] generatePasswd(long id)
> {
>     Random r = new Random(id ^ superSecret);
>     byte p[] = new byte[16];
>     r.nextBytes(p);
>     return p;
> }
> superSecret has the following javadoc:
> /**
> * This is the secret that we use to generate passwords, for the moment it
> * is more of a sanity check.
> */
> It is unclear from this comment and from looking at the code why it is not a
> security risk. Updating the javadoc along the lines of
> "Using a hard-coded secret with Random to generate a password is not a
> security risk because the resulting passwords are used for X, Y, Z and not
> for authentication etc" or something similar would be very helpful for anyone else
> looking at the code.
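
Added example (not part of the original message and not ZooKeeper's own code): a stand-alone Java program showing what the scanner is reacting to, namely that generatePasswd is a pure function of the id and a compiled-in constant. SUPER_SECRET_PLACEHOLDER, the sample ids and the SecureRandom contrast are assumptions made for illustration; the real superSecret value does not appear in this message.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;

public class SessionPasswdDemo {
    // Placeholder constant (assumption): stands in for ZooKeeperServer.superSecret.
    static final long SUPER_SECRET_PLACEHOLDER = 0x0123456789ABCDEFL;

    // Same construction as the snippet quoted in the issue.
    static byte[] generatePasswd(long id) {
        Random r = new Random(id ^ SUPER_SECRET_PLACEHOLDER);
        byte[] p = new byte[16];
        r.nextBytes(p);
        return p;
    }

    // Contrast (assumption, not proposed in the issue): bytes drawn from a
    // CSPRNG do not depend on the id or on any constant in the class file.
    static byte[] randomPasswd(SecureRandom rng) {
        byte[] p = new byte[16];
        rng.nextBytes(p);
        return p;
    }

    public static void main(String[] args) {
        long id = 0x1000000000001L; // constructed sample id

        // 1. Determinism: the same id always yields the same 16 bytes, in any
        //    JVM, because java.util.Random is a documented, seeded generator.
        boolean repeatable = Arrays.equals(generatePasswd(id), generatePasswd(id));
        System.out.println("seeded Random, same id, equal output: " + repeatable);

        // 2. java.util.Random keeps only the low 48 bits of its seed, so ids
        //    that differ only above bit 47 map to the same output.
        long idHighBitFlipped = id ^ (1L << 60);
        boolean truncated = Arrays.equals(generatePasswd(id),
                                          generatePasswd(idHighBitFlipped));
        System.out.println("ids differing only in bit 60, equal output: " + truncated);

        // 3. CSPRNG contrast: two draws are independent of each other.
        SecureRandom rng = new SecureRandom();
        boolean csprngEqual = Arrays.equals(randomPasswd(rng), randomPasswd(rng));
        System.out.println("SecureRandom, two draws, equal output: " + csprngEqual);
    }
}
```

Whether this determinism matters depends on what the generated bytes are relied on for, which is the question the requested javadoc is meant to answer.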