Hi everybody,
I just installed seaf-cli on one of our Linux-servers. This worked like a charm and some tests I did with our server worked really great. As our server uses SSO we have to use -T <web-api auth token>
for commands that need authentication.
As this is a multi-user system there is a security problem wrt that: when some other users run e.g. ps -eaf
while I run e.g. seaf-cli sync ... -T <my web-api auth token>
they see my full command including my authorisation token!
Is there a possibility to avoid this problem?
E.g. by storing the auth-token in the configuration somehow?
Or by asking for it interacitvely when it’s missing?
Regards,
Hermann