chaos-consulting / adsberry

ADS-B with the Raspberry Pi - Chaosconsulting Style

User credentials in command line #10

Open niehauss opened 10 months ago

niehauss commented 10 months ago

The systemd service file starts mlat-client-c2is with authentication data in the command line. Credentials can be displayed by a non-privileged user as shown below:

niehaus@adsb-receiver:~ $ /etc/init.d/mlat-client-c2is status 
● mlat-client-c2is.service - LSB: Multilateration client
     Loaded: loaded (/etc/init.d/mlat-client-c2is; generated)
     Active: active (running) since Thu 2024-02-01 23:32:11 CET; 10min ago
       Docs: man:systemd-sysv-generator(8)
      Tasks: 1 (limit: 1599)
        CPU: 2.483s
     CGroup: /system.slice/mlat-client-c2is.service
             └─19194 /opt/venvs/mlat-client-c2is/bin/python /usr/bin/mlat-client-c2is --user USERNAME:PASSWORD --lat 52.37734 --lon 10.45357 --alt …
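
A defender-side audit for the exposure reported above, as an added example that is not part of the issue or of the adsberry project: it parses the NUL-separated `/proc/<pid>/cmdline` format and reports `--user NAME:PASSWORD` arguments with the secret redacted. The `--password` and `--token` option names and the sample bytes are assumptions made for illustration.

```python
import os
import re

# "--user NAME:PASSWORD" is the form shown in the issue. "--password" and
# "--token" are assumed option names, added only to show the general check.
PAIR_OPTS = {"--user"}                     # value is NAME:SECRET
SECRET_OPTS = {"--password", "--token"}    # whole value is the secret
PAIR = re.compile(r"^([^:]+):(.+)$", re.S)

def parse_cmdline(raw):
    """Split the NUL-separated argv stored in /proc/<pid>/cmdline."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\x00") if a]

def find_exposed(argv):
    """Return (option, redacted value) for each argument carrying a secret."""
    hits = []
    for i, arg in enumerate(argv):
        opt, eq, val = arg.partition("=")
        if opt not in PAIR_OPTS | SECRET_OPTS:
            continue
        if not eq:  # value is the next argv element: "--user VALUE"
            val = argv[i + 1] if i + 1 < len(argv) else ""
        m = PAIR.match(val)
        if opt in PAIR_OPTS and m:
            hits.append((opt, m.group(1) + ":***"))
        elif opt in SECRET_OPTS and val:
            hits.append((opt, "***"))
    return hits

def scan_proc(proc="/proc"):
    """Check every process whose command line this account may read."""
    findings = []
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(os.path.join(proc, pid, "cmdline"), "rb") as fh:
                argv = parse_cmdline(fh.read())
        except OSError:  # process exited meanwhile, or access denied
            continue
        hits = find_exposed(argv)
        if hits:
            findings.append((int(pid), argv[0], hits))
    return findings

# Constructed sample, modelled on the status output in the issue.
SAMPLE = b"\x00".join([b"/usr/bin/mlat-client-c2is", b"--user",
                       b"USERNAME:PASSWORD", b"--lat", b"52.37734"]) + b"\x00"

if __name__ == "__main__":
    print(find_exposed(parse_cmdline(SAMPLE)), scan_proc())
```

Run as an unprivileged account, `scan_proc()` reports what that account can read; where `/proc` is mounted with `hidepid=1` or `hidepid=2`, other users' processes produce no findings.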

jjx- commented 10 months ago

You cannot do any harm with those credentials on the local system.

Regarding our servers, you could just write us an email to get credentials. We do not trust any station and have measures in place to secure our systems against attacks via the feeding API.

So we do not see this as a security issue, either for the feeder or for us.