nick5429 Posted November 2, 2016 Share Posted November 2, 2016 I'd like to request some sort of mechanism to pass arguments (e.g., passwords) from a plugin's WebUI page to the plugin's scripts without logging the string in the syslog. I'm working on an encryption plugin which needs to pass an encryption password/key from an input field to the backend scripts to mount/encrypt/decrypt a volume, and the unraid 6.1+ plugin system seems to log all parameters. It seems inappropriate to log that password/key. Perhaps for these fields, they can be passed from the form submission in "redactN" arguments that get logged as "*****" or "[REDACTED_FIELD]" instead of "argN" arguments -- and always present the "redact" variables contiguously after all the "arg" variables to the underlying script? Quote Link to comment
nick5429 Posted December 13, 2016 Author Share Posted December 13, 2016 I have an updated encryption plugin for 6.x that I'd like to release. Encryption has been a widely requested feature on unraid for many years that hasn't received any real first party traction. An encfs implementation isn't nearly as good as a proper solution that lives below the unraid layer, but could help bridge the gap until real disk encryption is implemented for unraid. However -- I'm not comfortable putting up a "release" of an encryption plugin which logs its password. This just provides a false sense of security, which is arguably worse than none at all. I wanted to bump this up and request its inclusion ASAP or in the upcoming 6.3 please? Quote Link to comment
Squid Posted December 13, 2016 Share Posted December 13, 2016 Can't you just use say $.post calls to a php wrapper script instead? Nothing gets logged at all on them. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.