Describe the Bug
This is a security issue as the client id and secret are always available in /proc/<pid>/environ or in ps output.
Environment
- OS Type & Version: (e.g., Ubuntu 22.04) Any Linux distro
- Pangolin Version: Latest
- Gerbil Version: Latest
- Traefik Version: Latest
- Newt Version: Latest
- Client Version: (if applicable)
To Reproduce
Run pangolin CLI as per the docs provided (including systemd unit) on site, check ps auxf | grep -i pangolin output
Expected Behavior
If this is going to be used for config on Linux machines, there needs to be a mechanism for passing secrets that doesn't expose on CLI or otherwise
Describe the Bug
This is a security issue as the client id and secret are always available in
/proc/<pid>/environor inpsoutput.Environment
To Reproduce
Run pangolin CLI as per the docs provided (including systemd unit) on site, check ps auxf | grep -i pangolin output
Expected Behavior
If this is going to be used for config on Linux machines, there needs to be a mechanism for passing secrets that doesn't expose on CLI or otherwise