Hi team,
I feel that tool get_event_process_tree can expose full command-line arguments in plaintext, even with passwords or other credentials.
For example, on-call engineer ran command in terminal mysql -uuser1 -p12345565 ... and it triggered event. In this case, mysql command with all arguments and password will be visible in process tree.
Are there existing plans to sanitise these outputs to ensure that credentials are not displayed?
Thank you.
Hi team,
I feel that tool
get_event_process_treecan expose full command-line arguments in plaintext, even with passwords or other credentials.For example, on-call engineer ran command in terminal
mysql -uuser1 -p12345565 ...and it triggered event. In this case, mysql command with all arguments and password will be visible in process tree.Are there existing plans to sanitise these outputs to ensure that credentials are not displayed?
Thank you.