New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Discussion] Do we need to rectify SecurityMgr? (Sensitive Data handling) #131
Comments
@tdrozdovsky Plus, could you rectify if
|
@tdrozdovsky This is due to my ongoing analysis with the tool https://lgtm.com/projects/g/lf-edge/edge-home-orchestration-go/alerts/?mode=list |
Good point, I know and remember this security issue. These only informs about a failed attempt to create the Thank you for reminder |
@tdrozdovsky Thank you for accepting my suggestion. I have just assigned this issue to you. We are looking forward to seeing your another valuable contribution soon! |
I researched using
Additional processing will make the code more complex. Therefore, I suggest to ignore the
|
@tdrozdovsky It is reasonable. ^^ Could you suggest the regarding PR for this? |
I personally think that sensitive data is returned by an access to
passPhraseJWTPath
. What do you think? @tdrozdovskyedge-home-orchestration-go/src/controller/securemgr/authenticator/authenticator.go
Line 70 in 22ce49b
This might be the same potential security risk as follow.
edge-home-orchestration-go/src/controller/securemgr/authenticator/authenticator.go
Line 84 in 22ce49b
The text was updated successfully, but these errors were encountered: