[ https://issues.apache.org/jira/browse/ZOOKEEPER-4396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17483647#comment-17483647 ]
Mate Szalay-Beko commented on ZOOKEEPER-4396: --------------------------------------------- This patch merged to the master branch, will be part of the 3.8.0 release. Thank you [~liwang] for the contribution! (I also linked ZOOKEEPER-4458. to this case) > Read Key/trust store password from file > --------------------------------------- > > Key: ZOOKEEPER-4396 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4396 > Project: ZooKeeper > Issue Type: Improvement > Components: security > Affects Versions: 3.8.0 > Reporter: Li Wang > Priority: Major > Labels: pull-request-available > Fix For: 3.8.0 > > Time Spent: 3h > Remaining Estimate: 0h > > Key/trust store password is currently specified as plain text via system > property or config property. To avoid exposing passwords as plain text and > reduce security vulnerability, it would be great if zookeeper can read the > password from a file that is protected with restricted permissions. -- This message was sent by Atlassian Jira (v8.20.1#820001)