Skip to content

Setting password with command line parameter makes it visible in ps aux #286

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
kykc opened this issue Mar 19, 2019 · 5 comments
Closed

Setting password with command line parameter makes it visible in ps aux #286

kykc opened this issue Mar 19, 2019 · 5 comments
Labels
bug Something isn't working

Comments

@kykc
Copy link

kykc commented Mar 19, 2019

  • code-server version: 1.32.0-275-linux-x64
  • OS Version: Ubuntu 18.04

Description

Setting password with command line parameter makes it visible in ps aux

Steps to Reproduce

./code-server --password=supersecret $CODE_SERVER_ROOT
ps aux

Possible solution

Seems that there's some possible ways to hide it mentioned here
@kykc kykc added the bug Something isn't working label Mar 19, 2019
@kykc kykc changed the title Setting password with command line parameter makes it visible in ps aux Setting password with command line parameter makes it visible in ps aux Mar 19, 2019
@coadler
Copy link
Contributor

coadler commented Mar 19, 2019

cc @kylecarbs @code-asher

@kykc
Copy link
Author

kykc commented Mar 19, 2019

Maybe it's also a good idea not to output password into code-server stdout when it's been explicitly set by startup parameter. Should I create a separate issue for that?

@NGTmeaty
Copy link
Contributor

We can probably keep it in here because it's related.

@MichaelDesantis MichaelDesantis mentioned this issue Mar 27, 2019
Closed
@MichaelDesantis
Copy link
Contributor

UPDATE: I have a PR for this #365

@code-asher
Copy link
Member

The recommended way now to set a password is by using the PASSWORD environment variable, which will prevent the password from displaying in the process listing.

a3ac456 also makes it so the password is only logged when it was generated.

@code-asher code-asher mentioned this issue Jun 10, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@kykc @NGTmeaty @coadler @MichaelDesantis @code-asher