Re: CF env reveals passwords and secrets ...

Marco Voelz

Dear Padma, Mathias, all,

BOSH has just included the functionality to replace all properties with the string "<redacted>" already *on the server side*.
Maybe that is an option the Cloud Controller could follow here?

Note that we're currently discussing what default behavior should be and if there should be an option to turn redacting on or off, respectively. [1]

Warm regards


On 05/03/16 10:51, "Padmashree B" <padmashree.b(a)> wrote:

It will be interesting if there are any solutions to handle this from CF.
As an alternative solution, every client tools should build some logic to hide the secure variables. However, it will not be straight forward for the client tools to identify those variables to be handled in a secure way since at the end it is just a key-value pair.
This is also applicable for user-defined variables which is usually defined by application developers and there is no way to mark certain variables as secure.


Join to automatically receive all group messages.