#3 Raining Sockets may leak sensitive information due exporting exception messages directly

[Xiaoqin Fu]

For example, in raining.core.NioSocket,
static {
try {
selector = Selector.open();
} catch (Exception exc) { System.err.println( "Opening a selector L46 EXC:"+ exc.toString()); exc.printStackTrace(); }
}

Raining Sockets may leak sensitive information (of selector) through printing it directly.
Raining Sockets can use log to export information such as log.error("Opening a selector L46 EXC:", exc);

[Xiaoqin Fu]

Dear Thomas Kläger:
Could I open a PR for it?

[Thomas Kläger]

Sorry, but the project is unmaintained for 15 years and I'm not going to do any work on this old project any more.

[rahul kumar]

Are you actually using this still?
I created this long ago and am not sure I can even log into it again.

Rahul Kumar.

On Fri, 30 Oct 2020, 10:31 pm Xiaoqin Fu, xqfu@users.sourceforge.net
wrote:

---

• [feature-requests:#3]
  https://sourceforge.net/p/jniosocket/feature-requests/3/ Raining Sockets
  may leak sensitive information due exporting exception messages directly*

Status: open
Group: Next_Release_(example)
Created: Fri Oct 30, 2020 05:01 PM UTC by Xiaoqin Fu
Last Updated: Fri Oct 30, 2020 05:01 PM UTC
Owner: Thomas Kläger

For example, in raining.core.NioSocket,
static {
try {
selector = Selector.open();
} catch (Exception exc) { System.err.println( "Opening a selector L46
EXC:"+ exc.toString()); exc.printStackTrace(); }
}

Raining Sockets may leak sensitive information (of selector) through
printing it directly.
Raining Sockets can use log to export information such as
log.error("Opening a selector L46 EXC:", exc);

---

Sent from sourceforge.net because you indicated interest in
https://sourceforge.net/p/jniosocket/feature-requests/3/

To unsubscribe from further messages, please visit
https://sourceforge.net/auth/subscriptions/