From: Andrew Ardill <andrew.ardill@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: "Michael Haggerty" <mhagger@alum.mit.edu>,
"Jeff King" <peff@peff.net>,
"Toralf Förster" <toralf.foerster@gmx.de>,
"git@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: RFC: "git config -l" should not expose sensitive information
Date: Fri, 21 Dec 2012 09:31:06 +1100 [thread overview]
Message-ID: <CAH5451kjsfvye8PEBN7DGzA+auLDJEmJb2qAqcD9MX9MVAu4NQ@mail.gmail.com> (raw)
In-Reply-To: <7vbodo5zjj.fsf@alter.siamese.dyndns.org>
On 21 December 2012 02:49, Aaron Schrab <aaron@schrab.com> wrote:
> Tools outside of the core git tree may add support for new config keys which
> are meant to contain sensitive information, and there would be no way for
> `git config` to know about those.
I understand that we've come down mostly on the 'users must check
before sending' side of things, but this point isn't necessarily true.
It wouldn't be too hard to create a config setting with a list of
'sensitive' keys filled with sensible defaults. It would be the job of
the 3rd party to add the relevant keys to this config file. This
wouldn't help with old 3rd party tools but would provide a way to
'hide' things automatically. A user could of course configure this
themselves (though one would think most who knew how wouldn't need
to).
On 21 December 2012 02:52, Jeff King <peff@peff.net> wrote:
>> I think that attempting to do this would only result in a false sense
>> of security.
>
> Yeah. Thanks for a dose of sanity. I was really trying not to say "the
> given advice is bad, and we cannot help those people". But I think you
> are right; the only sensible path is for the user to inspect the output
> before posting it.
One thing that a new option could provide (or maybe even the existing
option if it detects an interactive session) is to prompt the user to
review the content before outputting it. This is a nice way of helping
users who don't know that there might be sensitive information in the
output. Are there any use cases where prompting the user would be
annoying when using this command?
Regards,
Andrew Ardill
prev parent reply other threads:[~2012-12-20 22:31 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-12-17 11:35 RFC: "git config -l" should not expose sensitive information Toralf Förster
2012-12-20 15:04 ` Jeff King
2012-12-20 15:49 ` Aaron Schrab
2012-12-20 15:52 ` Jeff King
2012-12-20 18:37 ` Junio C Hamano
2012-12-20 16:20 ` Toralf Förster
2012-12-20 15:51 ` Michael Haggerty
2012-12-20 15:54 ` Jeff King
2012-12-20 18:49 ` Junio C Hamano
2012-12-20 22:31 ` Andrew Ardill [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAH5451kjsfvye8PEBN7DGzA+auLDJEmJb2qAqcD9MX9MVAu4NQ@mail.gmail.com \
--to=andrew.ardill@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=mhagger@alum.mit.edu \
--cc=peff@peff.net \
--cc=toralf.foerster@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).