Firejail doesn't hide set secrets

[mustaqimM]

Describe the bug The application (aria2) sets the secret which normally shows as stars, but when run with firejail, it gets exposed:

Behavior change on disabling firejail N/A

To Reproduce Steps to reproduce the behavior:

1. Run with the command: firejail aria2c --rpc-secret=${RPC_SECRET}
2. See error

Expected behavior If possible, firejail should also obfuscate the secret set by the application

Desktop (please complete the following information):

• Linux distribution and version (ie output of lsb_release -a)

  $❯ lsb_release -a
    LSB Version:    1.0
    Distributor ID: VoidLinux
    Description:    Void Linux
    Release:        rolling
    Codename:       void

• Firejail version (output of firejail --version) exclusive or used git commit (git rev-parse HEAD)

  
  $❯  firejail --version
  firejail version 0.9.62

Compile time support:

• AppArmor support is enabled
• AppImage support is enabled
• chroot support is enabled
• file and directory whitelisting support is enabled
• file transfer support is enabled
• firetunnel support is enabled
• networking support is enabled
• overlayfs support is enabled
• private-home support is enabled
• seccomp-bpf support is enabled
• user namespace support is enabled
• X11 sandboxing support is enabled

[matu3ba]

Does aria2 interact with other programs for this feature and (if you know) in what ways?
What is the output of firejail --debug?

[rusty-snake]

What is the output of firejail --debug?

Why? Its completely unrelated.

Does aria2 interact with other programs for this feature and (if you know) in what ways?

I thing they do some hacks in /proc/self.

[rusty-snake]

IDK if we ever want to implement this, because we would need to parse childs args.

labelling as "enhancement" for now.