Description
Currently the `couchbase-cli` utility accepts arguments via command line, including arguments containing sensitive information.
To avoid exposing sensitive information through the command history or making it visible in utilities like `ps` or `top`, `coucbase-cli` could be improved by accepting arguments containing sensitive information in one or more of the following ways:
- Prompting specifically for password values
- Reading arguments from from a configuration file
- Reading arguments from system environment variables
Attachments
Issue Links
- relates to
-
MB-15194 cbcollect_info couchbase.log leaks CB_REST_USERNAME CB_REST_PASSWORD
- Closed
There are no Sub-Tasks for this issue.
Gerrit Reviews
For Gerrit Dashboard: MB-10268 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
36101,6 | MB-10268: Use environment variable for user/password | master | couchbase-cli | Status: MERGED | +2 | +1 |
36793,2 | MB-10268: Revise code to make it more clean | master | couchbase-cli | Status: MERGED | +2 | +1 |