On 01/25/2011 01:43 PM, Marcel Holtmann wrote:
> Hi Jussi,
>
>> The test scripts are useful when asking users for debugging info,
>> but the sensitive information makes using the output on open forums
>> problematic.
>> ---
>> test/get-services | 2 ++
>> test/list-services | 2 ++
>> test/test-manager | 2 ++
>> 3 files changed, 6 insertions(+), 0 deletions(-)
>>
>> diff --git a/test/get-services b/test/get-services
>> index 29d4ea0..8088012 100755
>> --- a/test/get-services
>> +++ b/test/get-services
>> @@ -50,6 +50,8 @@ for entry in services:
>> val = "false"
>> elif key in ["Strength"]:
>> val = int(properties[key])
>> + elif key in ["Passphrase"]:
>> + val = "<redacted>"
>
> I do see your point here that you are trying to protect something, but
> is it really worth protecting? I have no problem with doing so, but you
> might wanna better add a switch to show passphrases then as well. Since
> you will need that for debugging as well.
I think it is worth it, not because the data is necessarily so important
but because of a social issue -- From several cases I an tell that
people do not take it well when they realise they've just posted to the
web something _they consider_ a secret. I know I could just remember to
ask for
./list-services | grep -v "Passphrase ="
but I've personally found myself unable to remember to do that and I bet
I'm not the only one. I think the default should be "don't print secrets".
I can add a --print-secrets switch to include the passphrase. Originally
I did not include it to keep the scripts simple.
- Jussi
_______________________________________________
connman mailing list
connman@connman.net
http://lists.connman.net/listinfo/connman
