Support specifying rpcpassword by file #148
Labels
upstream bug
A bug that is (likely) present also in upstream Bitcoin and should be fixed there.
Comments
75 tasks
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Bas van Dijk:
Currently the `rpcpassword` must be specified in the
`namecoin.conf` configuration file. On some systems (for example
in NixOS) configuration files are stored in world-readable
locations. It's a bad idea to store secrets in world-readable
locations.
To better support these systems it would be nice if there was a
`rpcpasswordFile` configuration parameter. Users can then keep
`namecoin.conf` in a world-readable location but set
`rpcpasswordFile` to a file with restricted ownership and
permissions.
Hi, thanks for bringing this up.
This sounds like something that also affects Bitcoin Core; is that
correct? If so, the issue should probably be brought up with them.
Cheers!
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJY1VM2AAoJELPy0WV4bWVwU84P/i09//Cp3N/kL0ssZJPV80ST
GEqADF9vfUKBXWhV1lOsJ9DNQwV1xOo0ZWVpH5kGuIowO/iu2L0FJBQKDHi6AQLR
M56sSca+Goc2jtMyf3RYtbTy1yMiWtcmX/h2QcSQ4Ae4oAu+JCqpOhgC4+lTVwjG
zVyQNQDHMU8M64bEo4oFDRtdiik5xr5SXlTM3gT2YNh9ENvbDsdJrdtSmfCz2r/4
Oh4SrbDBhsnffq5RPHChhmF75eFA3aAx7v4nUDOpTFvEs/8JQAAEI3dKSmeGW0eO
8Rv/RbZs84QlMxBaVCGRe8Swh88GR+PbSmcM2vZs6VOnyZnax6KA/lQs4DNlp48r
NxTe6xOBXaKFyWbYbiwyKsus2LdP1L+4di7Y9pJDX9nIYUWkcsOVnMLAiM0lj8FI
nEKzz4lGTK0oEk1cmh9sq8Eb7Ie+zAoiKwsHTn8Boadk6LnunTqOk38BoZuBz8aK
ZIVLP+FBIfkIqJU5HfY1zxMoYzsBzkgEMJVaer7kNQ7M2jJhcOLZuf+M+vRw1bFy
G18VftbJ+xoGGIo56KX37yMDrQaUuw6VRxj15FG6PTO0CN+ORd/8ntQFheFGxrVn
yhsMgZqmZ5ISfW5Lkz5A5rzYr4JwKseIMdhKfTxym4AXhIIlXNxYJiK7HEuiqerU
dFdVVqmuoy5Gck4w/IJm
=qwvN
-----END PGP SIGNATURE-----
|
|
Good tip! I created: bitcoin/bitcoin#10071. |
domob1812
added
the
upstream bug
|
Closing this, since it is indeed an upstream issue (and was already brought up with Bitcoin). Also, as mentioned in the Bitcoin issue, there are now alternatives to password authentication (e. g., cookie files). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently the
rpcpasswordmust be specified in thenamecoin.confconfiguration file. On some systems (for example in NixOS) configuration files are stored in world-readable locations. It's a bad idea to store secrets in world-readable locations.To better support these systems it would be nice if there was a
rpcpasswordFileconfiguration parameter. Users can then keepnamecoin.confin a world-readable location but setrpcpasswordFileto a file with restricted ownership and permissions.The text was updated successfully, but these errors were encountered: