mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-18 12:20:24 +00:00
bd204d7d45
Every Ceph CLI that is invoked at present passes the key via the --key option, and hence is exposed to key being displayed on the host using a ps command or such means. This commit addresses this issue by stashing the key in a tmp file, which is again created on a tmpfs (or empty dir backed by memory). Further using such tmp files as arguments to the --keyfile option for every CLI that is invoked. This prevents the key from being visible as part of the argument list of the invoked program on the system. Fixes: #318 Signed-off-by: ShyamsundarR <srangana@redhat.com> |
||
|---|---|---|
| .. | ||
| cachepersister.go | ||
| cephcmds.go | ||
| cephconf.go | ||
| credentials.go | ||
| csiconfig_test.go | ||
| csiconfig.go | ||
| errors.go | ||
| idlocker_test.go | ||
| idlocker.go | ||
| k8scmcache.go | ||
| nodecache.go | ||
| stripsecrets.go | ||
| util.go | ||
| validate.go | ||
| volid_test.go | ||
| volid.go | ||
| voljournal.go | ||