curl doesn't hide the username and password from the ps output #5470
Labels
Comments
bagder
added a commit
that referenced
this issue
May 28, 2020
Due to bad escaping of the test code, the test wouldn't build and thus result in a negative test result, which would lead to the unconditional assumption that overwriting the arguments doesn't work and thus curl would never hide credentials given in the command line, even when it would otherwise be possible. Regression from commit 2d4c215 Reported-by: huzunhao on github Fixes #5470
bagder
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I did this
1、transfering the files,the commands :
create upgrade session session=hotpatch ip=50.64.130.84 user=admin password=***** path=/SPH1.tgz
2、The ps command looks at the curl thread
ps -ef | grep curl
I expected the following
hiding password
curl/libcurl version
curl-7.69.1
[curl -V output]
curl-7.69.1
operating system
Storage:~/huzunhao # uname -a
Linux Storage 4.19.36-vhulk1907.1.0.h453.eulerosv2r8.aarch64 #1 SMP Mon Jul 22 00:00:00 UTC 2019 aarch64 aarch64 aarch64 [GNU/Linux](url)
The text was updated successfully, but these errors were encountered: