by theamk
17 days ago
This sounds good, but this requires that there is a way to store non-dangerous secrets. Security can't just say, "stop storing secrets in plaintext" if removing them will bring developers to a halt. Sadly many security teams are just theater, introducing inconvenience without any tangible benefits. They will happily harass developers for having a CVE in the _internal documentation tool_ which gets nowhere close to untrusted input, but at the same time will happily approve an internal tool which keeps the credentials in a plain-text file and would recommend that tool to everyone.