Skip to content
This repository was archived by the owner on Mar 8, 2023. It is now read-only.

Comments

Document passing arguments through a file#248

Merged
matthiasr merged 1 commit intoprometheus:mainfrom
freedge:passwordInFile
Feb 14, 2023
Merged

Document passing arguments through a file#248
matthiasr merged 1 commit intoprometheus:mainfrom
freedge:passwordInFile

Conversation

@freedge
Copy link

@freedge freedge commented Aug 12, 2022

Providing basic auth parameters through the command line
is insecure and raised some eyebrows in
#102

Kingpin in
https://github.com/alecthomas/kingpin#reading-arguments-from-a-file
provides a way to specify parameters through a file so we can
document that too.

In addition to prevent the leak of the password in the process table
(making any user currently logged on the machine able to read the
password), this also prevent a remote user to read the credentials
through the pprof cmdline service.

Signed-off-by: François Rigault frigo@amadeus.com

Providing basic auth parameters through the command line
is insecure and raised some eyebrows in
prometheus#102

Kingpin in
https://github.com/alecthomas/kingpin#reading-arguments-from-a-file
provides a way to specify parameters through a file so we can
document that too.

In addition to prevent the leak of the password in the process table
(making any user currently logged on the machine able to read the
password), this also prevent a remote user to read the credentials
through the pprof cmdline service.

Signed-off-by: François Rigault <frigo@amadeus.com>
@matthiasr
Copy link
Contributor

Thank you, Today I Learned 😄

@matthiasr matthiasr merged commit d7efd1b into prometheus:main Feb 14, 2023
@SuperQ
Copy link
Member

SuperQ commented Feb 15, 2023

We should add this documentation to all the repos that support kingpin.

@freedge freedge deleted the passwordInFile branch February 15, 2023 08:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants