duplicity-team team mailing list archive

[Daniel Hahler <launchpad@xxxxxxxxxx>]

** Description changed:

  If credentials are given in the command line url parameter these show up
  in 'ps'
  
  e.g.
  
  /usr/bin/duplicity --verbosity 4 --encrypt-key FD3846C2 --sign-key
  FD3846C2 --gpg-options= --exclude-globbing-filelist
  /root/.duply/bkp/exclude /backup/
  ftp://<user>:<PASSWORT>@<backupserver>/backup
  
  suggestion is to introduce env vars URL_PASSWORD/URL_USERNAME and to
  keep FTP_PASSWORD for ftp backend only and backward compatibility. The
- fact that FTP_BACKEND can be used with nearly all backend is afaik not
+ fact that FTP_PASSWORD can be used with nearly all backend is afaik not
  documented. Even so duply 1.5.1.4+ will use it until this bug is
  resolved.
  
  for the future a config file based auth as mentioned in
  http://lists.gnu.org/archive/html/duplicity-talk/2010-01/msg00032.html
  could make sense.
  
  .. ede

-- 
You received this bug notification because you are a member of
duplicity-team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/504423

Title:
  duplicity shows sensitive data in process listing

Status in Duplicity - Bandwidth Efficient Encrypted Backup:
  New

Bug description:
  If credentials are given in the command line url parameter these show up in 'ps'

e.g.

/usr/bin/duplicity --verbosity 4 --encrypt-key FD3846C2 --sign-key FD3846C2 --gpg-options= --exclude-globbing-filelist /root/.duply/bkp/exclude /backup/ ftp://<user>:<PASSWORT>@<backupserver>/backup

suggestion is to introduce env vars URL_PASSWORD/URL_USERNAME and to keep FTP_PASSWORD for ftp backend only and backward compatibility. The fact that FTP_PASSWORD can be used with nearly all backend is afaik not documented. Even so duply 1.5.1.4+ will use it until this bug is resolved.

for the future a config file based auth as mentioned in
http://lists.gnu.org/archive/html/duplicity-talk/2010-01/msg00032.html
could make sense.

.. ede