This repository has been archived by the owner on Oct 3, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 78
Database password should be not visible to other processes #729
Labels
Comments
8 tasks
Probably having meguca create and read a config file would be ideal for this. |
Actually, I wonder if we might be able to read shadowed files. (Assuming Linux) |
Yes, this is best. But I want to preserve the current flag functionality too, so maybe shaving everything except the process name from |
Notes to self:
|
Closed
Also, I realized Postgres uses peer authentication by default and the password is not even needed on most systems. |
nekto-nekto
pushed a commit
to 0-chan-ru/tetuca
that referenced
this issue
May 22, 2021
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Currently the password is not cleared from /proc/self/cmdline and visible to any other unprivileged process on the same machine, such as top:
Noticed here: NixOS/nixpkgs#39482 (comment)
The text was updated successfully, but these errors were encountered: