XMLWordPrintable

Details

    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-28Secure the Platform
    • 100
    • 100% 100%
    • 0
    • 0

    Description

      Feature Overview (aka. Goal Summary)  

      During oc login with a token, pasting the token on command line with oc login --token command is insecure. The token is logged in bash history, and appears in a "ps" command when ran precisely at the time the oc login command runs. Moreover, the token gets logged and is searchable by any sysadmin.

      Customers/Users would like either the "--web" command, or a command that prompt for a token. There should be no way to pass a secret on a command line with --token command. 

      For environments where no web browser is available, a "--ask-token" option should be provided that prompts for a token instead of passing it on the command line.

      Out of Scope

      High-level list of items that are out of scope.  Initial completion during Refinement status.

       

      Background

      Provide any additional context is needed to frame the feature.  Initial completion during Refinement status.

       

      Customer Considerations

      Provide any additional customer-specific considerations that must be made when designing and delivering the Feature.  Initial completion during Refinement status.

       

      Documentation Considerations

      Provide information that needs to be considered and planned so that documentation will meet customer needs.  Initial completion during Refinement status.

       

      Interoperability Considerations

      Which other projects and versions in our portfolio does this feature impact?  What interoperability test scenarios should be factored by the layered products?  Initial completion during Refinement status.

      Attachments

        Issue Links

          Activity

            People

              atelang@redhat.com Anjali Telang
              atelang@redhat.com Anjali Telang
              Wei Sun(孙薇) Wei Sun(孙薇)
              Stephanie Stout Stephanie Stout
              David Eads David Eads
              Marina Kalinin Marina Kalinin
              Votes:
              2 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: