Is there such a thing as an in-memory password obfuscation class for #Python that maybe encrypts the value with a random in-memory key, so it will less likely be casually written to some log or debug output?
-
Is there such a thing as an in-memory password obfuscation class for #Python that maybe encrypts the value with a random in-memory key, so it will less likely be casually written to some log or debug output? Not a software developer here, just some bloke writing scripts.
-
Is there such a thing as an in-memory password obfuscation class for #Python that maybe encrypts the value with a random in-memory key, so it will less likely be casually written to some log or debug output? Not a software developer here, just some bloke writing scripts.
@unixtippse You could create a string like object that overwrites __str__ and __repr__ to not expose its value. When you pass it to logs, you won’t see the password. Would not work with smarter things like sentry.
-
@unixtippse You could create a string like object that overwrites __str__ and __repr__ to not expose its value. When you pass it to logs, you won’t see the password. Would not work with smarter things like sentry.
@do3cc That's what I though about, but I'm not sufficiently delusional to do anything on Python that resembles a security component.
-
@unixtippse You could create a string like object that overwrites __str__ and __repr__ to not expose its value. When you pass it to logs, you won’t see the password. Would not work with smarter things like sentry.
I've also seen people implement classes that throw an exception if __str__ or __repr__ are called, so you immediately know it's a bug. They typically add a separate method to actually show the value if needed.
-
R relay@relay.publicsquare.global shared this topicR relay@relay.mycrowd.ca shared this topic
