Secure command line flags should be configurable via environment variables

mesosphere / chaos

A lightweight framework for writing REST services in Scala.

Apache License 2.0

250 stars 36 forks source link

Secure command line flags should be configurable via environment variables #27

Closed swartzrock closed 9 years ago

swartzrock commented 9 years ago

It should be possible to set the --http_credentials, --ssl_keystore_password and --ssl_keystore_path secure flags via environment variables. There is a security issue with passing them in via command line flags as their values will be visible in the process list.

kolloch commented 9 years ago

That was fixed. Or is anything missing? @swartzrock

swartzrock commented 9 years ago

Yup fixed, thanks