search

florinpatrascu / bolt_sips

Neo4j driver for Elixir
Apache License 2.0
256 stars 49 forks source link

Hiding credentials in `Bolt.Sips.info`? #89

Closed dominique-vassard closed 4 years ago

dominique-vassard commented 4 years ago

Environment

Current behavior

Today Bolt.Sips.info returns something like this:

%{
  default: %{
    connections: %{direct: %{"localhost:7687" => 0}, routing_query: nil},
    user_options: [
      socket: Bolt.Sips.Socket,
      port: 7687,
      routing_context: %{},
      schema: "bolt",
      hostname: "localhost",
      pool_size: 15,
      max_overflow: 0,
      timeout: 15000,
      ssl: false,
      with_etls: false,
      prefix: :default,
      url: "bolt://localhost:7687",
      basic_auth: [username: "neo4j", password: "neo4jtest"]
    ]
  }
}

Wouldn't be nice to hide the credentials in it? At least when using a prod env? Just to add a bit of security. Do you think it is worthy or not?

florinpatrascu commented 4 years ago

Sure, it would be nice. But if you come to think about, who can really run that command? If that person has access to a running app’s shell, he can find those credentials in other places too, among many other and probably even more sensitive details, no?!

We can simply remove the auth creds when we display the info, to be pedantic, yes.

But honestly, I wouldn’t go further than that. Checking if the app runs in prod or ... env ¯_(ツ)_/¯

florinpatrascu commented 4 years ago

@dominique-vassard - I added a basic sanitization, in master. HTH?!

dominique-vassard commented 4 years ago

Nice! You're right, that's enough to have some security for unaware people who leaves their session opened for few minutes. It' just to make things harder for the bad guys ;)