We have introduced new automated tests to help ensure that such incidents do not occur in the future.
Further, while administrative passwords may have been exposed in the tool invocation log, neither the passwords for regular users, nor any other data from their entries, should have been affected. In each of these cases, the files would have been written with permissions that make their contents accessible only to the system account used to run the server. Also note that this only includes passwords contained in files that were provided as command-line arguments; passwords included in the tools.properties file, or in a file referenced from tools.properties, would not have been exposed. Affected tools include backup, create-initial-config, create-initial-proxy-config, dsreplication, enter-lockdown-mode, export-ldif, import-ldif, ldappasswordmodify, leave-lockdown-mode, manage-tasks, manage-topology, migrate-ldap-schema, parallel-update, prepare-endpoint-server, prepare-external-server, realtime-sync, rebuild-index, re-encode-entries, reload-http-connection-handler-certificates, reload-index, remove-defunct-server, restore, rotate-log, and stop-server.
* When running certain command-line tools with an argument instructing the tool to read a password from a file, the password contained in that file could have been written into the server's tool invocation log instead of the path to that file. This problem does not affect local DB backends (like userRoot), the LDAP changelog backend, or the replication database.
* When creating an encrypted backup of the alarms, alerts, configuration, encryption settings, schema, tasks, or trust store backends, the password used to generate the encryption key (which may have been obtained from an encryption settings definition) could have been inadvertently written into the backup descriptor. Affected servers should be updated. Fixed two issues in which the server could have exposed some clear-text passwords in files on the server filesystem. Updating to the latest version of the Data Governance Server addresses the following critical issues from previous versions.