rindexer icon indicating copy to clipboard operation
rindexer copied to clipboard
verified publisher icon joshstevens19

Database password leak in argument

Open gearcat0 opened this issue 5 months ago • 1 comments

The database credentials get passed rather than read from the .env in a less leaky manner.

s@myhost:~$ ps ax | grep rindex
  67841 pts/3    Sl+    0:04 rindexer start all
  67860 pts/3    Sl+    0:00 /home/s/.rindexer/resources/rindexer-graphql-linux postgresql://rindexer:[email protected]:5432/rindexer foo_mint_security,foo_foo_btc,foo_foo_network,foo_mint_strategy 3001 1000 10000 false false
  68040 pts/5    S+     0:00 grep --color=auto rindex

gearcat0 avatar Jun 30 '25 10:06 gearcat0

ah ok on the graphql side - good spot we will make it read from env over passing it like that as it be nicer

joshstevens19 avatar Jul 06 '25 10:07 joshstevens19