Skip to content

Fix/issue #286 #365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

Fix/issue #286 #365

wants to merge 5 commits into from

Conversation

MichaelDesantis
Copy link
Contributor

Problem: CLI Password argument is visible in ps -ax

Issue: #286

Changes: Adds script to change the process display name.

Test Environment:
OS: Mac OS High Sierra (10.13.6)
Browser: Google Chrome 72.0.3626.109 (Official Build) (64-bit)
(Result: Pass! Compile was successful and everything functions as expected)

NGTmeaty
NGTmeaty approved these changes Mar 27, 2019
View reviewed changes
Copy link
Contributor

@NGTmeaty NGTmeaty left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@MichaelDesantis MichaelDesantis mentioned this pull request Mar 27, 2019
Closed
lsmoura
lsmoura suggested changes Mar 28, 2019
View reviewed changes
@code-asher
Copy link
Member

We should handle code-server --password secretpassword (no =) as well. code-server -P is also supposed to work I believe.

@lsmoura
Copy link
Contributor

lsmoura commented Mar 28, 2019

@code-asher is right. According to code-server --help, this is the format:

-P, --password <value>   Specify a password for authentication.

@MichaelDesantis
Copy link
Contributor Author

MichaelDesantis commented Mar 28, 2019
edited
Loading

Suggested changes have been made! Now works with or without =;

I did notice that -P as a CLI argument does not appear to be working correctly. But that can be handled in another issue and another PR. The purpose of this PR is solely focussed on issue #286

UPDATE: New issue for -P here #371

@MichaelDesantis MichaelDesantis changed the title Fix/issue 286 Fix/issue #286 Mar 28, 2019
lsmoura
lsmoura reviewed Mar 28, 2019
View reviewed changes
code-asher
code-asher requested changes Apr 2, 2019
View reviewed changes
packages/server/src/cli.ts
for (let i = 2; i < process.argv.length; i++) {
if (process.argv[i].startsWith("--password=")) {
parts.push(process.argv[i].replace(/=.*/, "=****"));
} else if (process.argv[i] === "--password") {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My bad, I didn't include -P in my example but we'll need that as well. No need to check for -P= though since = isn't used with short options.

packages/server/src/cli.ts
parts.push(process.argv[i].replace(/=.*/, "=****"));
} else if (process.argv[i] === "--password") {
parts.push(process.argv[i++], "****")
} else if (process.argv[i] === "--") {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another unfortunate edge case comes to mind:

code-server --data-dir -- password pass

That is, -- is only interpreted as the end of options if it isn't the argument for another option.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's possible we should use an environment variable and/or configuration file instead of a command line argument for the password. Or possibly a prompt, although I'm not really keen on that solution.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe we have another issue for that #349

ammario
ammario requested changes Apr 16, 2019
View reviewed changes
Copy link
Member

@ammario ammario left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of searching for the flag, we should just search for the password itself so this code is future-proof and simple.

@kylecarbs
Copy link
Member

We should probably use an environment variable and deprecate the usage via CLI.

@MichaelDesantis
Copy link
Contributor Author

Using an ENV password will make this PR obsolete. I'll go ahead and close this PR.

@MichaelDesantis MichaelDesantis deleted the fix/issue-286 branch April 25, 2019 20:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lsmoura lsmoura lsmoura approved these changes

@code-asher code-asher code-asher requested changes

@ammario ammario ammario requested changes

@NGTmeaty NGTmeaty NGTmeaty approved these changes

@kylecarbs kylecarbs Awaiting requested review from kylecarbs

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@MichaelDesantis @code-asher @lsmoura @kylecarbs @NGTmeaty @ammario