Disable credential sharing #9466

Open
erikschul opened this issue Feb 1, 2024 · 5 comments

erikschul commented Feb 1, 2024

I would like to disable credential sharing. I searched the docs but didn't find any setting. Is this possible?

AFAIK, on macOS, credential sharing is automatic: https://code.visualstudio.com/remote/advancedcontainers/sharing-git-credentials

This is problematic, because I wouldn't like the devcontainer to have any credentials.

VSCodeTriageBot added the containers label Feb 1, 2024
@bamurtaugh
Member

Thanks for opening. I wonder if something like "runArgs": ["--no-creds"] would help. @chrmarti any thoughts?

@erikschul
Author

I use Remote/SSH with devcontainers (using remote docker host).

It would be nice to configure it in the devcontainer.json, but this wouldn't work if the file is writeable in the devcontainer (a virus could modify it, to gain privileges on next window reload).

An alternative could be the global settings.json, to deny sharing globally (ssh+devcontainers), and allowlist/denylist for certain devcontainers by name / host by ssh config name.
But a devcontainer name could be modified to escalate privileges, although it would require the virus to guess the name.

I don't think runArgs would work, because I frequently use Open this folder in a devcontainer, which opens a new window.

I think the simplest solution is a feature to disable all credential sharing globally (ssh+devcontainers), and not allow local .vscode/settings.json etc. to override it.
I'm happy to manually copy/mount credentials where relevant.

@chrmarti
Contributor

Git credentials can be controlled in the user settings:
image

SSH and GPG agents are automatically forwarded. You could shut down the local ssh-agent and gpg-agent if you have these to avoid that.

chrmarti self-assigned this Feb 27, 2024
chrmarti added the info-needed label Feb 27, 2024
@erikschul
Author

@chrmarti

Perhaps most people use devcontainers mainly to have a reproducible and shareable development environment, with little concern for security. For example, on GitHub Codespaces, I assume every codespace receives a fully privileged GitHub token?

My use case is distinctly different, in that I would want the codespace to have a very fine-grained token, for example only the ability to modify one specific branch, and open a pull-request.

Therefore, I need a way to entirely disable credential sharing (i.e. tokens and agent forwarding). I'll be happy to be manually responsible for injecting the relevant token and gitconfig.

My request is whether this use case can be supported with minimal effort, e.g. global config to disable it.


cadem commented Apr 23, 2024

> Git credentials can be controlled in the user settings: image
>
> SSH and GPG agents are automatically forwarded. You could shut down the local ssh-agent and gpg-agent if you have these to avoid that.

I have the same problem, but I tried this setting and it doesn't work, and this setting is not designed for this problem. Can the problem of stopping credential sharing be resolved by a setting?
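
Added example, not part of the thread or of the project's code: a script to run inside the dev container that reports which of the three channels named above (SSH agent, GPG agent, Git credential helper) are reachable there, so the effect of a setting or of stopping the local agents can be checked. The script name, the `--audit` switch and the fallback GnuPG socket path are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Usage: sh cred-audit.sh --audit
# Exit status 1 if any agent socket or credential helper is found.

# Reads `git config --get-all credential.helper` output on stdin and prints
# the helpers git would use. An empty value resets the helper list, so only
# entries after the last empty line count.
active_helpers() {
    awk 'NF == 0 { n = 0; next } { h[++n] = $0 }
         END { for (i = 1; i <= n; i++) print h[i] }'
}

# True when SSH_AUTH_SOCK names a socket that exists in this container.
ssh_agent_exposed() {
    [ -n "${SSH_AUTH_SOCK:-}" ] && [ -S "$SSH_AUTH_SOCK" ]
}

# True when a gpg-agent socket exists. The fallback path is an assumption
# (GnuPG's default home), used only when gpgconf is not installed.
# A socket may also belong to an agent started inside the container.
gpg_agent_exposed() {
    sock=""
    if command -v gpgconf >/dev/null 2>&1; then
        sock=$(gpgconf --list-dirs agent-socket 2>/dev/null) || sock=""
    fi
    [ -S "${sock:-${HOME:-/nonexistent}/.gnupg/S.gpg-agent}" ]
}

# Prints the credential helpers in effect for the current directory.
git_helpers() {
    command -v git >/dev/null 2>&1 || return 0
    git config --get-all credential.helper 2>/dev/null | active_helpers
}

audit() {
    found=0
    if ssh_agent_exposed; then
        echo "REACHABLE ssh-agent socket: $SSH_AUTH_SOCK"; found=1
    fi
    if gpg_agent_exposed; then
        echo "REACHABLE gpg-agent socket"; found=1
    fi
    helpers=$(git_helpers)
    if [ -n "$helpers" ]; then
        echo "CONFIGURED git credential helper: $helpers"; found=1
    fi
    if [ "$found" -eq 0 ]; then echo "no agent socket or credential helper found"; fi
    return "$found"
}

if [ "${1:-}" = "--audit" ]; then audit; exit $?; fi
```

Running it before and after a change (for example after stopping the local agents and reopening the container) shows whether that change removed the channel.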
