subject:"Review Request 65226\: Added SecurePathOrValue for file flags which need not to leak contents."

Re: Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

2018-01-19 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65226/
---

(Updated Jan. 19, 2018, 2:06 p.m.)


Review request for mesos and Greg Mann.


Bugs: MESOS-8413
https://issues.apache.org/jira/browse/MESOS-8413


Repository: mesos


Description
---

The default behavior when serializing a flag, if its value comes from
a file (by using the prefix `file://`) is to show the contents of
the file instead of the path to the file.

A common pattern for flags containing sensitive information is to
store the values in a secure file, however the default behavior
of serializing flags causes these values to be leaked when
serializing a subclass of `FlagsBase`.

This patch introduces the structure `SecurePathOrValue` so that
the default behavior is overriden and the path of the flag will
be shown instead of the flag value itself.


Diffs (updated)
-

  3rdparty/stout/include/stout/flags/fetch.hpp 
788d09e0a2083ead7d6ccb0c233cfdfd5d1ddb81 
  3rdparty/stout/include/stout/flags/flag.hpp 
6580c294fc5d06854eadc19b1515172a4a700e89 
  3rdparty/stout/include/stout/flags/parse.hpp 
6112d699be4cbdcb7a7872da8f29d41aab0939a3 


Diff: https://reviews.apache.org/r/65226/diff/2/

Changes: https://reviews.apache.org/r/65226/diff/1-2/


Testing
---

```
make check
```

Full testing in follow up patch.


Thanks,

Alexander Rojas

Re: Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

2018-01-18 Thread Greg Mann


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65226/#review195761
---


Fix it, then Ship it!




Awesome, thanks Alexander :)


3rdparty/stout/include/stout/flags/fetch.hpp
Lines 70-72 (patched)


Could you leave a comment here explaining why we don't fetch as normal for 
this type?



3rdparty/stout/include/stout/flags/flag.hpp
Lines 104-106 (patched)


This will fit on two lines.



3rdparty/stout/include/stout/flags/flag.hpp
Lines 114-115 (patched)


I think our usual wrapping here would be

```
inline std::ostream& operator<<(
std::ostream ,
const SecurePathOrValue& flag)
```

?


- Greg Mann


On Jan. 18, 2018, 6:53 p.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65226/
> ---
> 
> (Updated Jan. 18, 2018, 6:53 p.m.)
> 
> 
> Review request for mesos and Greg Mann.
> 
> 
> Bugs: MESOS-8413
> https://issues.apache.org/jira/browse/MESOS-8413
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> The default behavior when serializing a flag, if its value comes from
> a file (by using the prefix `file://`) is to show the contents of
> the file instead of the path to the file.
> 
> A common pattern for flags containing sensitive information is to
> store the values in a secure file, however the default behavior
> of serializing flags causes these values to be leaked when
> serializing a subclass of `FlagsBase`.
> 
> This patch introduces the structure `SecurePathOrValue` so that
> the default behavior is overriden and the path of the flag will
> be shown instead of the flag value itself.
> 
> 
> Diffs
> -
> 
>   3rdparty/stout/include/stout/flags/fetch.hpp 
> 788d09e0a2083ead7d6ccb0c233cfdfd5d1ddb81 
>   3rdparty/stout/include/stout/flags/flag.hpp 
> 6580c294fc5d06854eadc19b1515172a4a700e89 
>   3rdparty/stout/include/stout/flags/parse.hpp 
> 6112d699be4cbdcb7a7872da8f29d41aab0939a3 
> 
> 
> Diff: https://reviews.apache.org/r/65226/diff/1/
> 
> 
> Testing
> ---
> 
> ```
> make check
> ```
> 
> Full testing in follow up patch.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

2018-01-18 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65226/
---

Review request for mesos and Greg Mann.


Bugs: MESOS-8413
https://issues.apache.org/jira/browse/MESOS-8413


Repository: mesos


Description
---

The default behavior when serializing a flag, if its value comes from
a file (by using the prefix `file://`) is to show the contents of
the file instead of the path to the file.

A common pattern for flags containing sensitive information is to
store the values in a secure file, however the default behavior
of serializing flags causes these values to be leaked when
serializing a subclass of `FlagsBase`.

This patch introduces the structure `SecurePathOrValue` so that
the default behavior is overriden and the path of the flag will
be shown instead of the flag value itself.


Diffs
-

  3rdparty/stout/include/stout/flags/fetch.hpp 
788d09e0a2083ead7d6ccb0c233cfdfd5d1ddb81 
  3rdparty/stout/include/stout/flags/flag.hpp 
6580c294fc5d06854eadc19b1515172a4a700e89 
  3rdparty/stout/include/stout/flags/parse.hpp 
6112d699be4cbdcb7a7872da8f29d41aab0939a3 


Diff: https://reviews.apache.org/r/65226/diff/1/


Testing
---

```
make check
```

Full testing in follow up patch.


Thanks,

Alexander Rojas

Re: Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

Re: Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

Review Request 65226: Added SecurePathOrValue for file flags which need not to leak contents.

3 matches

Site Navigation

Mail list logo

Footer information