Aaron Sedgmen created an issue |
Parameterised AWS keys in S3 blobstore being resolved to literals and written to config file |
Issue Type: |
Bug |
---|---|
Affects Versions: |
2.21.0 |
Assignee: |
Unassigned |
Components: |
GWC-S3 |
Created: |
20/Jun/22 2:49 AM |
Environment: |
Windows / Linux GeoServer 2.21.0 |
Priority: |
Medium |
Reporter: |
Parameterised AWS keys in an S3 blobstore are resolved to literals and written to the geowebcache.xml config file when, after initial creation, the blobstore is opened and saved in the GeoServer UI. This can result in secure AWS keys being inadvertently exposed, such as when the GeoServer data_dir is version controlled in a code repository, and requires care to be taken to manually reset the keys to parameterised values in the geowebcache.xml file. Same issue was occurring with Azure blobstores - https://osgeo-org.atlassian.net/browse/GEOS-9288 . |
Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS |
|
This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100201-sha1:07cea57) |