Bug 196224 - Security problem with attributes containing sensitive data
Summary: Security problem with attributes containing sensitive data
Status: ASSIGNED
Alias: None
Product: z_Archived
Classification: Eclipse Foundation
Component: Higgins
Version: unspecified
Hardware: All All
Importance: P2 major
Target Milestone: ---
Assignee: Jim Sermersheim CLA
Reported: 2007-07-11 15:55 EDT by Jim Sermersheim CLA
Modified: 2016-11-09 16:27 EST
Description Jim Sermersheim CLA 2007-07-11 15:55:54 EDT
We have an existing problem with org.eclipse.higgins.common.AuthNNamePasswordMaterials as it holds a password in a String. String is not mutable, thus its contents are more subject to being discovered because data known to be sensitive can't be zeroed out.
 
It's easy to fix the constructor, but the name and password are stored as IAttributes. As their values are simple attributes, their lexical representations are passed around in Strings.
 
Should we change org.eclipse.higgins.idas.api.ITypedValue such that getLexical and getCanonical return char arrays instead of Strings so that when they're known to contain sensitive data, they can be overwritten when no longer used?
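The difference the description turns on, as an added example that is not part of the bug report or of the Higgins code base: a value held in a `char[]` can be overwritten once it is no longer needed, which a `String` does not allow. `SecretValueDemo`, `SecretValue` and its methods are hypothetical names chosen for illustration (only `getLexical` echoes the method named above), and the sample value is constructed.

```java
import java.util.Arrays;

// Hypothetical illustration; not part of org.eclipse.higgins.* (all names are assumptions).
public final class SecretValueDemo {

    /** Holds a sensitive lexical value in a char[] so it can be overwritten after use. */
    static final class SecretValue implements AutoCloseable {
        private final char[] chars;
        private boolean cleared;

        SecretValue(char[] source) {
            // Defensive copy: the caller stays responsible for wiping its own array.
            this.chars = Arrays.copyOf(source, source.length);
        }

        /** Returns a copy of the value; the caller must wipe that copy when done. */
        char[] getLexical() {
            if (cleared) throw new IllegalStateException("secret already cleared");
            return Arrays.copyOf(chars, chars.length);
        }

        /** Overwrites the stored characters; a String offers no equivalent operation. */
        @Override
        public void close() {
            Arrays.fill(chars, '\0');
            cleared = true;
        }

        @Override
        public String toString() { return "SecretValue[redacted]"; } // keep the value out of logs
    }

    static boolean allZero(char[] a) {
        for (char c : a) if (c != '\0') return false;
        return true;
    }

    public static void main(String[] args) {
        char[] input = {'c', 'o', 'n', 's', 't', 'r', 'u', 'c', 't', 'e', 'd'}; // constructed sample
        try (SecretValue secret = new SecretValue(input)) {
            Arrays.fill(input, '\0');           // wipe the caller's buffer right after hand-off
            char[] copy = secret.getLexical();  // working copy for the authentication call
            System.out.println("length in use: " + copy.length);
            Arrays.fill(copy, '\0');            // wipe the working copy after use
            System.out.println("input wiped: " + allZero(input) + ", copy wiped: " + allZero(copy));
        } // close() overwrites the stored characters here
    }
}
```

Overwriting only affects the arrays it is applied to: any `String` built from the value along the way stays in memory until it is garbage collected.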
Comment 1 Jim Sermersheim CLA 2007-07-12 17:40:25 EDT
Mike suggests a special attribute type ISecretAttribute
Comment 2 Jim Sermersheim CLA 2007-11-30 20:53:38 EST
mail thread started at http://dev.eclipse.org/mhonarc/lists/higgins-dev/msg03462.html