New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password visible if app is launch within a shell #54
Comments
Weird, that shouldn't happen... https://github.com/ubports/ubports-installer/blob/master/src/utils.js#L140. I'll have to investigate where that's coming from.
Of course, this needs to be fixed. Logging the password in clear text is a no-go. Sorry about that and thanks for reporting. |
Thanks for you reply. |
No, it doesn't. Something is going wrong. |
Hey Jan, I believe it's coming from here: ubports-installer/src/utils.js Line 244 in 9b8d6e2
|
This is a problem for me too, makes it harder to report logs. Difference between just copy-pasting and having to go through the logs myself to remove any sensitive data
|
This is particularly alarming as the automatic bug report feature leads to user passwords being uploaded to paste.ubuntu.com. |
Fixed in 598841d for now. Sorry it took so long, everyone! |
Hi,
Thanks for your installer, which is very helpful.
A little thing bothered me, as I launched the app from within a shell, I saw my password clearly written in stdout in the shell.
I think it would be better if it was obfuscated, even if launching from a shell may be not the main way to start ubports-installer.
regards
The text was updated successfully, but these errors were encountered: