Comments (8)
Yes, it may leak user info. What's the behavior of other shells?
Other shells? Do you mean that nebula-console behave different in different shell?
Does it rely on any function of shells?
I'll try zsh
and on windows powershell/cmd
and give a report if you think it's necessary.
from nebula-console.
Yes, it may leak user info.
What's the behavior of other shells?
from nebula-console.
Yes, I wonder what the behaviour of zsh,bash and other database's console
from nebula-console.
Yes, I wonder what the behaviour of zsh,bash and other database's console
Tested, zsh's behavior is the same as bash's.
from nebula-console.
Yes, it may leak user info. What's the behavior of other shells?
Other shells? Do you mean that nebula-console behave different in different shell? Does it rely on any function of shells?
I'll try
zsh
and on windowspowershell/cmd
and give a report if you think it's necessary.
Sorry, I didn't make it clear. Actually, I want to know what is the difference between nebula-console and other databases console or other shells in recording historical commands that contain passwords.
from nebula-console.
- nebula-console;
- other database's console: MySQL, neo4j's console;
- linux shell: bash, zsh;
from nebula-console.
- other database's console: MySQL, neo4j's console;
Get it.
- "nebula-console" will show history (include command with password) to any user loged in.
- Mysql will filter out user create command. Maybe we should consider more command that may leak info(username, password, table/graph name, etc.)
- Both linux shell will only show history of current users' past login, most password is asked after command and will not record, some inline password will leak from current user's history, while users can manually remove it.
Neo4j not deployed now, will try that later.
from nebula-console.
As we save the history in file, user can read the password in file directly.
same behavior with mycli
.
from nebula-console.
Related Issues (20)
- What is the problem with installing console errors? HOT 27
- there is no x86 version release for nebula-console HOT 6
- add arm64 docker build HOT 3
- log into nebula without a password HOT 1
- profile/explain via -e/eval with issues HOT 2
- keep session alive(not idle) or add session-respawn when expired
- Invalid graphviz string format when profiling some complex query
- docker image for arm64 HOT 2
- Display result vertically
- console quit with searching ālā and enter button HOT 1
- do we need so many command in console?
- send keepalive package
- Support Ctrl+C to kill current session
- When there are spaces before or after the quit or exit commands, the console does not exit as expected
- The unit of timeout argument should be millisecond not second
- servername is supported when tls is enabled
- version display? ? ?
- The profiling data of the Travers operator is shown as empty
- Can nebula support '--help' function? HOT 3
- Multi-line / New Lines in NGQL statements cause syntax errors HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ššš
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ā¤ļø Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nebula-console.