Sun Java System Application Server Enterprise Edition 8.2 Release Notes

When running hadbm start <db_name>, part of the inputted password is displayed without being masked. (ID 6303581, 6346059, 6307497)


It is possible when a machine is under load that the masking mechanism fails and some characters from the password being entered are exposed. This poses a minor security risk, and the password should always be masked.


Put the passwords in their own password files (the method normally recommended since Application Server 8.1) and refer to these with either the --adminpassword or --dbpasswordfile options.