[
https://issues.apache.org/jira/browse/DBCP-562?focusedWorklogId=604153&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-604153
]
ASF GitHub Bot logged work on DBCP-562:
---------------------------------------
Author: ASF GitHub Bot
Created on: 31/May/21 14:43
Start Date: 31/May/21 14:43
Worklog Time Spent: 10m
Work Description: garydgregory commented on pull request #38:
URL: https://github.com/apache/commons-dbcp/pull/38#issuecomment-851536240
Please see git master.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 604153)
Time Spent: 1h 50m (was: 1h 40m)
> Password should not be exposed via JMXBean
> ------------------------------------------
>
> Key: DBCP-562
> URL: https://issues.apache.org/jira/browse/DBCP-562
> Project: Commons DBCP
> Issue Type: Bug
> Affects Versions: 2.5.0, 2.7.0
> Reporter: Frank Gasdorf
> Assignee: Gary D. Gregory
> Priority: Critical
> Labels: security
> Fix For: 2.9.0
>
> Time Spent: 1h 50m
> Remaining Estimate: 0h
>
> if a BasicDataSource is created with jmxName set, password property is
> exposed/exported via jmx and is visible for everybody who is connected to jmx
> port.
>
> Expectation : Do not export it via BasicDataSourceMXBean Interface
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
