[jira] [Commented] (GEODE-4318) gfsh does not redact passwords from history if given without =

["ASF subversion and git services (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/GEODE-4318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16804951#comment-16804951 ] 

ASF subversion and git services commented on GEODE-4318:
--------------------------------------------------------

Commit a0e3a45d2664a74f21506de9be2f6402ce5e19cf in geode's branch refs/heads/develop from Jens Deppe
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=a0e3a45 ]

GEODE-4318: Ensure that passwords are correctly redacted in the gfsh history file (#3372)

- Remove redact method in GfshHistory in favor of
  ArgumentRedactor.redact

Co-authored-by: Jens Deppe <jd...@pivotal.io>
Co-authored-by: Donal Evans <do...@gmail.com>


> gfsh does not redact passwords from history if given without =
> --------------------------------------------------------------
>
>                 Key: GEODE-4318
>                 URL: https://issues.apache.org/jira/browse/GEODE-4318
>             Project: Geode
>          Issue Type: Bug
>          Components: gfsh, security
>            Reporter: Patrick Rhomberg
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The {{ArgumentRedactor}} expects arguments in the form {{--option=value}} and detects what should be redacted based on {{option}}.  However, when given as {{--option value}}, the terms {{option}} and {{value}} will be parsed separately and {{value}} will not be redacted.
> As a consequence, any {{gfsh}} command executed with {{[command] --user username --password myPassword}} will be visible in plaintext in command history.
> ----
> Update: Upon a quick investigation, it appears that this and GEODE-3452 both can be addressed by creating / overriding and redacting in {{GfshHistory}}'s implementation of {{jline.console.history.History::add}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)