cli: --init-token
exposes the init token to the ps
command
#61231
Labels
A-authentication
Pertains to authn subsystems
A-security
C-bug
Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior.
T-server-and-security
DB Server & Security
Projects
Related to #60632
The current definition of the
--init-token
flag exposes the shared secret string to other users on the machine via theps
command.Is this OK?
It seems to me that we instead want a
--init-token-file
and have the value of the token stored in a file instead. WDYT?Jira issue: CRDB-3050
Epic: CRDB-6663
The text was updated successfully, but these errors were encountered: