Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-10268 couchbase-cli - Arguments with sensitive values
  3. MB-11065

cbbackup/cbtransfer/cbrestore should acquire username/password through alternative means

    XMLWordPrintable

Details

    • Technical task
    • Resolution: Duplicate
    • Major
    • 3.0
    • 2.2.0
    • tools
    • Security Level: Public

    Description

      Passwords that are passed on the command line are trivial to expose by doing a /bin/ps during command execution. Instead, passwords (and usernames) should be acquired through alternative means, such as setting an environmental variable that will be picked up and added to the parsed options without adding them to sys.argv.

      (I have a trivial patch that we are using to accomplish this.)

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            bcui Bin Cui (Inactive)
            bj Bryce Jasmer
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 1h
                1h
                Remaining:
                Remaining Estimate - 1h
                1h
                Logged:
                Time Spent - Not Specified
                Not Specified

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty