OpenCDSS / cdss-app-tstool-main

Colorado's Decision Support Systems (CDSS) TSTool application main program
GNU General Public License v3.0

Security - enable a private key cache #207

Open smalers opened 2 years ago

smalers commented 2 years ago

This is an idea to explore.

Security is increasingly an issue, for example for database passwords and web service keys. TSTool provides some ways to protect this information. For example, PostgreSQL datastores can use the standard .pgpass file for passwords, and datastores allow environment variables to be used for passwords, assuming that such variables are only set in a user's protected login session.

TSTool's processor maintains a list of properties, which can be displayed in the Results / Properties tab. If a key or password is set as a property, it will be shown there. Alternatively, a new property list could be enabled for protected properties. They could be listed in results but the value not shown. These properties could be used for sensitive information. For example, it would be possible to store sensitive information in a user's AppData, which could be read by TSTool into a protected property. This is similar to the .pgpass approach. This would work for web services that require a key that should not be shared. This is not an uber-safe design but would work for read-only key management.
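
A sketch of the protected property list proposed in the comment above, added here as an example and not taken from TSTool's code. The class name, the masking string and the location of the per-user file are assumptions; the owner-only permission check mirrors what libpq does for `.pgpass` on Unix.

```java
import java.io.IOException;
import java.io.Reader;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.*;

/** Hypothetical protected property list: names are listable, values are never displayed. */
public final class ProtectedProperties {
    private static final Set<PosixFilePermission> OWNER_ONLY =
        EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE);
    private final Map<String, String> values = new TreeMap<>();

    /** Read name=value lines from a per-user file (assumed to live under the user's AppData or home). */
    public static ProtectedProperties load(Path file) throws IOException {
        // Like libpq with .pgpass: refuse a file that group or others can access.
        // Assumption: where no POSIX view exists (Windows), the user-profile ACLs are relied on.
        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")
                && !OWNER_ONLY.containsAll(Files.getPosixFilePermissions(file))) {
            throw new IOException(file + " must be accessible by its owner only (chmod 600)");
        }
        Properties raw = new Properties();
        try (Reader in = Files.newBufferedReader(file)) {
            raw.load(in);
        }
        ProtectedProperties props = new ProtectedProperties();
        for (String name : raw.stringPropertyNames()) {
            props.values.put(name, raw.getProperty(name));
        }
        return props;
    }

    /** Rows for a results listing: the name is shown, the value is masked. */
    public List<String> displayRows() {
        List<String> rows = new ArrayList<>();
        for (String name : values.keySet()) {
            rows.add(name + " = ********");
        }
        return rows;
    }

    /** Value for the code that needs it, such as building a web service request. */
    public String get(String name) { return values.get(name); }

    /** Lists names only, so logging the object by accident does not leak a value. */
    @Override public String toString() { return "ProtectedProperties" + values.keySet(); }
}
```

Values are still held in process memory as plain strings, so this keeps keys out of the display and out of shared command files, not out of reach of someone who can read the process or the user's profile.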