Keith Robertson has posted comments on this change. Change subject: db: drop the obfuscation of database password ......................................................................
Patch Set 3: (1 inline comment) .................................................... File src/__main__.py Line 1369: db_group.add_option( Line 1370: "", Line 1371: "--pg-pass", Line 1372: dest="pg_pass", Line 1373: help=SUPPRESS_HELP, Do not unsupress this option. It is generally considered a security issue to allow people to supply PWs on the command line (think history, ps, etc.). I explicitly hid this option. The option exists here so that users can supply the PW via the *.conf file. In anticipation of your Questions: - Why hide it? I don't want normal users to use it. - But it still exists? Yes, it is useful for testing and because it allows setting via .conf - But what if someone finds it? If an user 'opts-in' to its use then they should be intelligent enough to understand the ramifications. It is explicitly not listed. Line 1374: default=pg_pass Line 1375: ) Line 1376: Line 1377: db_group.add_option( -- To view, visit http://gerrit.ovirt.org/14741 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I763f5a9d1d3307ee384281b13db5c6c9436060df Gerrit-PatchSet: 3 Gerrit-Project: ovirt-log-collector Gerrit-Branch: master Gerrit-Owner: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Alex Lourie <alou...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Keith Robertson <krobe...@redhat.com> Gerrit-Reviewer: Kiril Nesenko <knese...@redhat.com> Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Yedidyah Bar David <d...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
