You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Good point, I know and remember this security issue.
These only informs about a failed attempt to create the passPhraseJWTFilePath file.
But of course, storing such information in files (passPhrase, edge-orchestration.key, etc) is a security risk.
I think in the future this should be solved with secure storage or with access control system such as: SeLinux, SMACK, etc.
Thank you for reminder
The text was updated successfully, but these errors were encountered:
…ed form (#189)
Signed-off-by: Taras Drozdovskyi <t.drozdovsky@samsung.com>
- File names were removed from logging in accordance with the CWE-312, 315 (Fixes#141);
- In this case, there were no security threats, but automatic vulnerability analysis systems recommend doing this.
Originally posted by @tdrozdovsky in #131 (comment)
Good point, I know and remember this security issue.
These only informs about a failed attempt to create the
passPhraseJWTFilePath
file.But of course, storing such information in files (passPhrase, edge-orchestration.key, etc) is a security risk.
I think in the future this should be solved with secure storage or with access control system such as: SeLinux, SMACK, etc.
Thank you for reminder
The text was updated successfully, but these errors were encountered: