From: "Toralf Förster" <toralf.foerster@gmx.de>
To: Jeff King <peff@peff.net>, git@vger.kernel.org
Subject: Re: RFC: "git config -l" should not expose sensitive information
Date: Thu, 20 Dec 2012 17:20:49 +0100	[thread overview]
Message-ID: <50D33AE1.4020604@gmx.de> (raw)
In-Reply-To: <20121220154915.GA5162@pug.qqx.org>

yep - understood


On 12/20/2012 04:49 PM, Aaron Schrab wrote:
> At 10:04 -0500 20 Dec 2012, Jeff King <peff@peff.net> wrote:
>> The problem seems to be that people are giving bad advice to tell
>> people to post "git config -l" output without looking at it. Maybe we
>> could help them with a "git config --share-config" option that dumps
>> all config, but sanitizes the output. It would need to have a list of
>> sensitive keys (which does not exist yet), and would need to not just
>> mark up things like smtppass, but would also need to pull credential
>> information out of remote.*.url strings. And maybe more (I haven't
>> thought too long on it).
> 
> If such an option is added, it is likely to cause more people to think
> that there is no need to examine the output before sharing it.  But, I
> don't think that the sanitizing could ever be sufficient to guarantee that.
> 
> Tools outside of the core git tree may add support for new config keys
> which are meant to contain sensitive information, and there would be no
> way for `git config` to know about those.
> 
> Even for known sensitive keys, the person entering it might have made a
> typo in the name (e.g.  smptpass) preventing it from being recognized as
> sensitive by the software, but easily recognizable as such by a human.
> 
> There's also the problem of varying opinions on what is considered as
> sensitive.  You mention credential information in URLs, but some people
> may consider the entire URL as something which they would not want to
> expose.
> 
> I think that attempting to do this would only result in a false sense of
> security.
> 


-- 
MfG/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 7DB6 9DA3
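The sanitizer Jeff sketches above (a fixed list of sensitive keys plus stripping credentials out of remote.*.url values) is small enough to write down, and doing so makes Aaron's objections concrete. The following is an added example, not code from git or from anyone in this thread; the `--share-config` option does not exist, the sample config is constructed, and the sensitive-key list is an assumption (only sendemail.smtppass is a real key named in the thread).

```python
"""Sanitize `git config -l` output before posting it.

Added example, not git's own code. It mirrors the hypothetical
`git config --share-config` idea from the thread: redact the values of a
fixed list of sensitive keys and strip user:password@ from remote URLs.
The sample input below is constructed for this example.
"""
import re
from urllib.parse import urlsplit, urlunsplit

# Assumption: the list of keys whose values are always redacted. Only
# sendemail.smtppass is a real git key mentioned in the thread.
SENSITIVE_KEYS = {"sendemail.smtppass"}
REDACTED = "<redacted>"

# Constructed `git config -l`-style output. It deliberately contains a
# typo'd key (smptpass) and a third-party tool's key, the two cases Aaron
# Schrab points out a sanitizer cannot know about.
SAMPLE = """user.name=Toralf
sendemail.smtpserver=smtp.example.com
sendemail.smtppass=hunter2
sendemail.smptpass=hunter2
remote.origin.url=https://alice:s3cret@git.example.com/repo.git
remote.upstream.url=git@github.com:example/repo.git
mytool.apitoken=abc123
mytool.privatething=still-visible
"""


def strip_url_credentials(value: str) -> str:
    """Drop the userinfo (user[:password]) part of a URL.

    Values without a URL scheme (scp-style git@host:path) are returned
    unchanged; there the user name is part of the address, not a secret.
    """
    parts = urlsplit(value)
    if not parts.scheme or "@" not in parts.netloc:
        return value
    host = parts.netloc.rsplit("@", 1)[1]  # keeps host:port
    return urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))


def sanitize_line(line: str) -> str:
    """Redact one key=value line. Note the first '=' is taken as the
    separator, so a subsection name containing '=' would confuse this."""
    key, sep, value = line.partition("=")
    if not sep:
        return line
    lkey = key.lower()
    if lkey in SENSITIVE_KEYS:
        return f"{key}={REDACTED}"
    if lkey.endswith(".url") or lkey.endswith(".pushurl"):
        return f"{key}={strip_url_credentials(value)}"
    return line


def sanitize_config(text: str) -> str:
    """Sanitize a whole `git config -l` dump."""
    return "\n".join(sanitize_line(line) for line in text.splitlines())


# A loose heuristic for the human reviewer: keys that look secret-ish but
# were not redacted. It catches the smptpass typo, but still cannot know
# that mytool.privatething is sensitive.
SUSPICIOUS = re.compile(r"pass|token|secret", re.I)


def flag_for_review(sanitized: str) -> list:
    """Return lines a person should still look at before sharing."""
    flagged = []
    for line in sanitized.splitlines():
        key, sep, value = line.partition("=")
        if sep and value != REDACTED and SUSPICIOUS.search(key.rsplit(".", 1)[-1]):
            flagged.append(line)
    return flagged


if __name__ == "__main__":
    out = sanitize_config(SAMPLE)
    print(out)
    print("\nstill needs a human:")
    for line in flag_for_review(out):
        print(" ", line)
```

Running it shows sendemail.smtppass redacted and the origin URL reduced to https://git.example.com/repo.git, while sendemail.smptpass=hunter2 and mytool.apitoken=abc123 pass straight through; the review heuristic flags those two but has no way to flag mytool.privatething. That gap is the "false sense of security" Aaron describes: the tool can only remove what it has been told about, so the output still has to be read before it is posted.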

Thread overview: 10+ messages
2012-12-17 11:35 RFC: "git config -l" should not expose sensitive information Toralf Förster
2012-12-20 15:04 ` Jeff King
2012-12-20 15:49   ` Aaron Schrab
2012-12-20 15:52     ` Jeff King
2012-12-20 18:37       ` Junio C Hamano
2012-12-20 16:20     ` Toralf Förster [this message]
2012-12-20 15:51   ` Michael Haggerty
2012-12-20 15:54     ` Jeff King
2012-12-20 18:49     ` Junio C Hamano
2012-12-20 22:31       ` Andrew Ardill