Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement type-safe secrets protection #181

Open
goedelsoup opened this issue Dec 7, 2018 · 1 comment
Open

Implement type-safe secrets protection #181

goedelsoup opened this issue Dec 7, 2018 · 1 comment
Labels
theme:security

Comments

@goedelsoup
Copy link
Contributor

Most secrets used throughout the codebase are carried along as strings. I think an implementation like that in ciris would go a long way in helping to manage the risk around logging users' secrets. Hashicorp Vault was actually just hit with a similar CVE.
@timperrett
Copy link
Member

Huh, this is super fascinating @goedelsoup - would love to see something like this, as it certainly is an issue. Thanks for submitting this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
theme:security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@timperrett @goedelsoup