[Buildbot-devel] Hide password
Dustin J. Mitchell
dustin at v.igoro.us
Sat Jan 21 05:06:25 UTC 2012
On Thu, Jan 19, 2012 at 10:20 AM, Tom Prince <tom.prince at ualberta.net> wrote:
> I don't think there would be opposition to being able to handle this.
> But the danger with something like this, is that if we add data hiding
> for security, and we miss one piece of data, all we have done is add a
> false sense of security.
This is an important point. Buildbot has had a bit of a rocky history
with security already (several XSS's in the web UI), but I would like
to avoid introducing more potential vulnerabilities. If there is
sensitive data to be handled (passwords, SSH keys, etc.), I think it's
best that that information be handled out-of-band. We have some
simple protections for Source-step passwords, and even that makes me
nervous.
Dustin