ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <>
Subject Re: FTP & JSPC
Date Tue, 01 Aug 2000 13:59:35 GMT
At 09:35  1/8/00 -0400, you wrote:
>I put together an ftpput task some weeks ago using NetComponents from
OROInc.  I
>have attached it for your use.
>Use it like this:
>  <ftpput localname="filename" remotename="filename" server="ftp.server"
>userid="me" password="mypass" binary="yes|no"/>
>"binary" is the only optional parameter and defaults to yes.  I know the
>clear-text password is a huge security hole, but this was a quick job - and I
>only use restricted accounts in the context anyway.  If anyone can suggest a
>simple, secure way to do this, I'm all ears.

well there is already one in the project that has same properties (SignJar)
but another was knocked back for inclusion because it did just that
(GenerateKey). FWIW I have been keeping passwords in an environment
variable and then accessing that from build.xml. I forced people to set
variable through a script I generated and they have to do it every shell
they want toi use to do building. This means that the password doesn't
appear on commandline (and thus cmd line history and all other things this
entails) or in build.xml. Not perfect but a little better. I contemplated
popping up a GUI to grab it but thought the idea would annoy me too much
and the other option of using stdin to read it was unavailable as ant pumps
output/input of tasks that I was using. It also presents it in plain text
on terminal (feature of java stdin).



| "Nearly all men can stand adversity, but if you want |
| to test a man's character, give him power."          |
|       -Abraham Lincoln                               |

View raw message