Connection object leaks the password #93
Assignees
Milestone
Comments
|
i guess we could replace the |
gijzelaerr
added a commit
that referenced
this issue
Apr 13, 2022
… and #93) (#105) * pass default pylama checks * fix formatting error * just use flake8 * fix spacing * fix more warnings * fix issue #93 * make mypy happy * fix doc build by slight restructure * prepare for 1.6.0 * doc shuffle * Document handle_download * remove one more empty line Co-authored-by: Joeri van Ruth <joeri.van.ruth@monetdbsolutions.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The connection object has a mapi object, which has a password field. The password is plain text.
I was wondering if there is a way to hide that field.
Psycopg for example doesn't return the password, but probably if someone inspects the memory of the program they could find it:
https://www.psycopg.org/docs/connection.html?highlight=password
The text was updated successfully, but these errors were encountered: