rabbitmq-server
rabbitmqctl encode command should support passing arguments via environment variables or interactive input
The current way of using "rabbitmqctl encode" is to pass the sensitive value and passphrase directly on the command line. The command will be captured by shell history or ps, which can cause an information leak. Passing those arguments via environment variables or interactive input is a more secure way.
Environment variables are not much better unless you disable /proc on Linux, for what it's worth. On Windows I am not sure much can be done with regard to environment protection, since you can just read it from memory (assuming the user is the same).
If we decide to do something here it should be to add interactive input only.
The read command can help you:

A1:~ # read -rs str_sensitive
A1:~ # echo $str_sensitive
test
A1:~ # rabbitmqctl encode $str_sensitive $str_sensitive
Encrypting value ...
{encrypted,<<"eVq70yWpxxcX9uJtMbzoNJv9hwibQduf4VMNI5DhhCFC1G5dj794Uacx4NJZrz4xyfZM1cQ0dF7KhZ4r1KuMKg==">>}
A1:~ #
@zhgjun Thank you for your suggestion, but I'm afraid it won't solve the problem, because in ps $str_sensitive will be replaced by the actual value:

localhost:~ # var=100
localhost:~ # sleep $var &
[1] 6521
localhost:~ # ps -ef|grep sleep|grep -v grep
root 6521 252954 0 19:10 pts/0 00:00:00 sleep 100
The process of 'rabbitmqctl encode xx' will end quickly unless you run the command all the time.

Or you have to use a script. test.sh with content like this:

rabbitmqctl encode $env1 $env2

and you run it after setting the env1 and env2 values:

export env1=test
export env2=test
sh test.sh
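The thread above compares three ways a CLI tool can receive a secret (command-line argument, environment variable, interactive prompt) and how visible each one is to other local processes. The following is an added example, not RabbitMQ code and not from any participant in this thread: it implements the source-selection policy the maintainer favours (interactive input first), keeps the environment variable as a fallback for non-interactive runs, and includes a Linux-only self-check that reads this process's own /proc/self/cmdline (what `ps` reads) to show whether a given value would be exposed there. The function names and the `RABBITMQ_ENCODE_VALUE` variable name are assumptions made for the example.

```python
"""Added example: how a CLI could receive a secret without leaving it in
argv (visible to `ps`, /proc/<pid>/cmdline and shell history).
Not part of rabbitmq-server; names below are illustrative only."""
import getpass
import os
import sys

# Hypothetical variable name used by this example, not a real rabbitmqctl setting.
ENV_NAME = "RABBITMQ_ENCODE_VALUE"


def secret_from_argv(argv):
    """Weakest option: the value is in argv for the whole process lifetime."""
    return argv[1] if len(argv) > 1 else None


def secret_from_env(name, environ=None):
    """Better than argv (not in `ps` or history), but on Linux still readable
    from /proc/<pid>/environ by the same user or root while the process runs."""
    environ = os.environ if environ is None else environ
    return environ.get(name)


def secret_interactive(prompt="Value to encrypt: "):
    """Preferred: nothing is stored in argv, the environment or history, and
    getpass turns off terminal echo while the value is typed."""
    return getpass.getpass(prompt)


def choose_source(argv, environ, env_name, stdin_is_tty):
    """Decide where to read the secret from, preferring the least exposed
    channel: 'interactive' when a terminal is attached, otherwise the
    environment variable if set, otherwise argv as a last resort."""
    if stdin_is_tty:
        return "interactive"
    if environ.get(env_name):
        return "env"
    if len(argv) > 1:
        return "argv"
    return None


def visible_in_cmdline(value):
    """Linux-only self-check: True if `value` currently appears in this
    process's own command line, None where /proc is not available."""
    try:
        with open("/proc/self/cmdline", "rb") as f:
            raw = f.read()
    except OSError:
        return None
    return value.encode() in raw


if __name__ == "__main__":
    source = choose_source(sys.argv, os.environ, ENV_NAME, sys.stdin.isatty())
    if source == "interactive":
        secret = secret_interactive()
    elif source == "env":
        secret = secret_from_env(ENV_NAME)
    elif source == "argv":
        secret = secret_from_argv(sys.argv)
        print("warning: value taken from argv and visible to `ps`", file=sys.stderr)
    else:
        sys.exit("no secret supplied")
    # Demonstrate the exposure difference on Linux; prints None elsewhere.
    print("value visible in /proc/self/cmdline:", visible_in_cmdline(secret))
```

Run it with a terminal attached and it prompts; run it from a script with the variable exported and it reads the environment instead. Only when both are absent does it fall back to argv, and then it says so, which is the behaviour the thread is asking rabbitmqctl to offer.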