Skip to Main Content
IBM Data and AI Ideas Portal for Customers


This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:


Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,


Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

IBM Employees should enter Ideas at https://ideas.ibm.com


Status Not under consideration
Created by Guest
Created on Jun 21, 2017

CHCCLP encrypting password

If i run a CHCCLP script the password of the user is visible in the log, this is not desirable.
(the password is in an include file)

  • Guest
    Reply
    |
    Mar 4, 2024

    This is 2024... password in clear are unacceptable in today's world

  • Guest
    Reply
    |
    Jun 22, 2023

    Hello I am bouncing this enhancement request because I have seen other customers request this functionality and I think the original decision not to plan to adopt it should be evaluated.

    Having to specify the password or even to store it in clear is a clear security risk. If the password is passed as a parameter to a CHCCLP script, the password is visible as part of the executable string through any user on Linux running a command such as ps to list processes. If a script redirects the CHCCLP output to a file for logging or to provide results for subsequent parsing (e.g. to capture performance metrics) the password is stored in the output in clear.

    With the old online utility this issue was avoided by having the script file with the password in clear "compiled" which obfuscated the password in the "compiled" file. The source with the password in clear could then be kept secure and separate from the operational environment. The compiled files as distributed to the operators still has the various commands visible for debugging and logging, and the compile process presumably hashed the commands so that the compiled file could not be tampered with.


  • Guest
    Reply
    |
    May 17, 2021

    [IBM Update]

    Hi,

    Thank you for filing this requirement and for your interest in keeping CDC a vital and successful technology. We depend on your continued interest and ideas to help ensure our products keep pace with market needs and industry standards.

    Although we do agree that your request is valid, after monitoring your request for more customer demand over the last few years and applying other relevant evaluation criteria, unfortunately we won't be able to accept your request at this time. However, if there is still an important business need, we encourage you to file a new idea accompanied with any additional information that could help us prioritize the requirement in the future.