Skip to content
This repository has been archived by the owner on May 24, 2022. It is now read-only.

Use whitelist for CLI arguments instead of blacklist #550

Closed
Tbaut opened this issue Aug 30, 2019 · 0 comments · Fixed by #553
Closed

Use whitelist for CLI arguments instead of blacklist #550

Tbaut opened this issue Aug 30, 2019 · 0 comments · Fixed by #553
Assignees
@amaury1093
Milestone
0.3.2 Security up...

Comments

@Tbaut
Copy link
Collaborator

Tbaut commented Aug 30, 2019

The Fether application accepts command line configuration arguments. Certain arguments
are blacklisted. The use of a blacklist is not recommended, as
new features could be added to the underlying Parity node, resulting in unintended extra
functionality invokable by CLI.

We should allow --chain.
If any other argument is needed, users can still spin up the node separately and pass the arguments they wish.
@Tbaut Tbaut added this to the 0.3.2 Security update milestone Aug 30, 2019
@amaury1093 amaury1093 self-assigned this Sep 2, 2019
@amaury1093 amaury1093 mentioned this issue Sep 2, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@amaury1093 amaury1093

Labels
None yet
Projects
None yet
Milestone
0.3.2 Security update
Development

Successfully merging a pull request may close this issue.

fix: Whitelist cli args openethereum/fether
2 participants
@amaury1093 @Tbaut