-
-
Notifications
You must be signed in to change notification settings - Fork 245
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disallow Selecting .pub files for SSH & SSL Keys #67
Comments
We can just look in the file, and if we see Most ppl use RSA keys, which contain |
Should be a simple change to this validation: Sequel-Ace/Source/SPConnectionController.m Lines 616 to 620 in 3995181
EDIT: No, not as simple as that, SP of course has it's own data/line parsing code.... |
What does your cert file have as first/last lines? |
|
I've updated my branch with some better validation: https://github.com/jamesstout/Sequel-Ace/tree/more-permissions |
Looks good to me! |
Ah, that's a good point, I've forgotten to relinquish access with For the connection controller, we [currently] copy the key to the sandbox, so could call However, there was discussion about no longer copying the keys: #52 (comment), so I'd have to figure out where to relinquish access. Maybe after the connection completes. I haven't looked at the actual connection code to see if it retries, or needs the key to keep alive. I'll have a look later. |
I've put |
(We really should not let users select .pub files...)
Originally posted by @gboudreau in #52 (comment)
The text was updated successfully, but these errors were encountered: