nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-20 10:34:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

bepasty: Mark secret strings in privileged actions

Browse Source 
Tests:

- Perform effected actions and ensure that secrets are not logged on the
console.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-08-04 09:35:19 -07:00 committed by James Valleroy
parent 1d58dcaae1
commit d900b2c9b1
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plinth/modules/bepasty/privileged.py
View File

@ -15,7 +15,7 @@ import subprocess
import augeas import augeas
from plinth import action_utils from plinth import action_utils
from plinth.actions import privileged from plinth.actions import privileged, secret_str
from plinth.modules import bepasty from plinth.modules import bepasty
DATA_DIR = '/var/lib/bepasty' DATA_DIR = '/var/lib/bepasty'
@ -137,7 +137,7 @@ def add_password(permissions: list[str], comment: str | None = None):
@privileged @privileged
def remove_password(password: str): def remove_password(password: secret_str):
"""Remove a password and its permissions.""" """Remove a password and its permissions."""
conf = conf_file_read() conf = conf_file_read()
if password in conf['PERMISSIONS']: if password in conf['PERMISSIONS']: