docs/SECURITY-PROCESS.md: "Visible command line arguments"

author Daniel Stenberg <daniel@haxx.se>

Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)
author Daniel Stenberg <daniel@haxx.se>
Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)
diff --git a/docs/SECURITY-PROCESS.md b/docs/SECURITY-PROCESS.md

index f6e0d31b6374b8013a2be7bdd8aa5ae414ebd0a4..a7e86615c46a77b96d825687693be92296c62a2a 100644 (file)
--- a/docs/SECURITY-PROCESS.md
+++ b/docs/SECURITY-PROCESS.md
@@ -197,3 +197,18 @@ considered security vulnerabilities. The WHATWG URL Specification and RFC
  interoperable](https://github.com/bagder/docs/blob/master/URL-interop.md).
  
  Obvious parser bugs can still be vulnerabilities of course.
+
+## Visible command line arguments
+
+The curl command blanks the contents of a number of command line arguments to
+prevent them from appearing in process listings. It does not blank all
+arguments even if some of them that are not blanked might contain sensitive
+data. We consider this functionality a best-effort and omissions are not
+security vulnerabilities.
+
+ - not all systems allow the arguments to be blanked in the first place
+ - since curl blanks the argument itself they will be readable for a short
+   moment in time no matter what
+ - virtually every argument can contain sensitive data, depending on use
+ - blanking all arguments would make it impractical for users to differentiate
+   curl command lines in process listings
author	Daniel Stenberg <daniel@haxx.se>
	Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Tue, 3 May 2022 11:37:04 +0000 (13:37 +0200)