Mask password passed in as command line arg like mysql #3680
Labels
Comments
|
If you provide the name and password with the dedicated |
|
I don't think we should clear the entire proxy string just because someone might pass their credentials there. We could consider scrubbing out them from the string, but since we have a working way to do this I don't think we have to. |
|
Yes -U masks just fine. Good to know. Might be worth adding to man page. |
bagder
added a commit
that referenced
this issue
Mar 14, 2019
|
Thanks |
bagder
added a commit
that referenced
this issue
Mar 14, 2019
Suggested-by: Eric Curtin Improved-by: Dan Fandrich Ref: #3680
|
Hehe, I was a whole minute faster! |
|
@ericcurtin are you ok with us closing this issue now? |
|
|
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I did this
curl -x https://user:password@your-proxy-ip-addess:12/ http://www.google.com
ps -ef | grep curl
curtine 7859 3321 0 17:32 pts/1 00:00:00 curl -x https://user:password@your-proxy-ip-addess:12/ http://www.google.com
I expected the following
Masked password for proxy password. Like mysql does https://unix.stackexchange.com/questions/78757/securely-feeding-a-program-with-a-password
curl/libcurl version
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.0g zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
Release-Date: 2018-01-24
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
operating system
ubuntu 18.04
The text was updated successfully, but these errors were encountered: