Loading...

XML

Word

Printable

Details

Type: Improvement
Resolution: Fixed
Priority: Critical
Fix Version/s: 3.0
Affects Version/s: 2.5.0
Component/s: tools
Security Level: Public
Labels:
None

Description

Currently the `couchbase-cli` utility accepts arguments via command line, including arguments containing sensitive information.

To avoid exposing sensitive information through the command history or making it visible in utilities like `ps` or `top`, `coucbase-cli` could be improved by accepting arguments containing sensitive information in one or more of the following ways:

Prompting specifically for password values
Reading arguments from from a configuration file
Reading arguments from system environment variables

Attachments

Issue Links

relates to

MB-15194 cbcollect_info couchbase.log leaks CB_REST_USERNAME CB_REST_PASSWORD

Closed

Sub-Tasks

cbbackup/cbtransfer/cbrestore should acquire username/password through alternative means

Closed

Bin Cui (Inactive)

Gerrit Reviews

- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Thuan Nguyen

Reporter:: Brian Shumate (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 20/Feb/14 9:06 AM

Updated:: 16/Nov/17 8:32 AM

Resolved:: 14/May/14 4:57 PM

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified

Include sub-tasks

Gerrit Reviews

There are no open Gerrit changes

Show There are 2 closed Gerrit changes

Hide There are 2 closed Gerrit changes

MB-10268: Use environment variable for user/password: Gerrit Review:

MB-10268: Revise code to make it more clean: Gerrit Review:

couchbase-cli - Arguments with sensitive values

Details

Description

Attachments

Issue Links

Sub-Tasks

Gerrit Reviews

Activity

People

Dates

Time Tracking

Not Specified

Gerrit Reviews

PagerDuty