login: print a big warning when using --password #270
Codecov Report
@@ Coverage Diff @@
## master #270 +/- ##
==========================================
- Coverage 48.44% 46.85% -1.59%
==========================================
Files 173 172 -1
Lines 11748 11692 -56
==========================================
- Hits 5691 5478 -213
- Misses 5696 5902 +206
+ Partials 361 312 -49
cli/command/registry/login.go
@@ -47,6 +47,10 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { | |||
ctx := context.Background() | |||
clnt := dockerCli.Client() | |||
|
|||
if opts.password != "" { | |||
fmt.Fprintf(dockerCli.Err(), "Using --password via the CLI is insecure.\n") |
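Review bot: The string in the added fmt.Fprintf call says only that --password is insecure, so the user learns neither why nor what to do about it. The commit message has the reason (command lines are readable through /proc/pid/cmdline); consider carrying a short form of it into the warning text. Note also that the opts.password != "" condition skips the warning when an empty password is passed explicitly, which deserves a one-line comment if intended.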
Can you change this to fmt.Fprintln()? Perhaps prefix with WARNING!;
fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure.")
Done.
Task command lines are world readable via /proc/pid/cmdline, so this isn't safe. Signed-off-by: Tycho Andersen <[email protected]>
952d7da to c269ad2
LGTM 🐸
/cc @n4ss
LGTM!
LGTM 🤠
LGTM ping @thaJeztah
oh, darn missed the ping
LGTM, thanks!
Task command lines are world readable via /proc/pid/cmdline, so this isn't
safe.
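
The exposure named in the description above, as an added example that is not part of this PR or of docker/cli: /proc/<pid>/cmdline holds a process's arguments separated by NUL bytes, so an audit helper can parse that buffer and mask any --password value before the command line is logged. The function names, the mask string and the sample bytes are assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
)

const mask = "<redacted>" // assumed placeholder for masked values

// parseCmdline splits the raw contents of /proc/<pid>/cmdline into argv.
// Each argument is terminated by a NUL byte; empty arguments are preserved.
func parseCmdline(raw []byte) []string {
	if len(raw) == 0 {
		return nil // kernel threads and zombies have an empty cmdline
	}
	raw = bytes.TrimSuffix(raw, []byte{0})
	return strings.Split(string(raw), "\x00")
}

// redactPassword returns a copy of argv with any --password value masked,
// and reports whether a password was present on the command line.
func redactPassword(argv []string) ([]string, bool) {
	out := append([]string(nil), argv...)
	found := false
	for i := 0; i < len(out); i++ {
		switch {
		case out[i] == "--password" && i+1 < len(out): // --password VALUE
			out[i+1] = mask
			found = true
			i++ // skip the value just masked
		case strings.HasPrefix(out[i], "--password="): // --password=VALUE
			out[i] = "--password=" + mask
			found = true
		}
	}
	return out, found
}

func main() {
	// Constructed sample: bytes as they would appear in /proc/<pid>/cmdline.
	sample := []byte("docker\x00login\x00--username\x00alice\x00" +
		"--password\x00hunter2\x00registry.example.com\x00")
	argv, exposed := redactPassword(parseCmdline(sample))
	fmt.Println(exposed, strings.Join(argv, " "))
}
```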