EFForg/apkeep

provide secure method for receiving password

Closed this issue · 12 comments

apkeep --password only seems to accept it straight on the command line, which means that any user on the system can see the password. For example:

$ apkeep --username $GOOGLE_PLAY_USERNAME --password $GOOGLE_PLAY_PASSWORD --app com.instagram.android . &
$ ps auxww|grep '[a]pkeep'
user       24792  0.0  0.8 155032 12788 pts/0    Sl+  10:33   0:00 apkeep --username foo@bar.com --password mysecretpw --app com.instagram.android .
$

A couple ideas off the top of my head:

  • generic apkeep config file that stores username, password, download-source, etc
  • accept password on stdin
  • add an option like --password-env
  • add an option like --password-file

Here's an attempt at using stdin:

$ echo $GOOGLE_PLAY_PASSWORD | RUST_BACKTRACE=full apkeep --download-source google-play --username $GOOGLE_PLAY_USERNAME  --app com.instagram.android .
thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:258:68
stack backtrace:
   0:     0x55c8d4173f5c - std::backtrace_rs::backtrace::libunwind::trace::h91c465e73bf6c785
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
   1:     0x55c8d4173f5c - std::backtrace_rs::backtrace::trace_unsynchronized::hae9da36f5d58b5f3
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
   2:     0x55c8d4173f5c - std::sys_common::backtrace::_print_fmt::h7f499fa126a7effb
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:67:5
   3:     0x55c8d4173f5c - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h3e2b509ce2ce6007
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:46:22
   4:     0x55c8d4199a7c - core::fmt::write::h753c7571fa063ecb
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/fmt/mod.rs:1168:17
   5:     0x55c8d416cf63 - std::io::Write::write_fmt::h2815c0519c99ba09
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/io/mod.rs:1660:15
   6:     0x55c8d41767f2 - std::sys_common::backtrace::_print::h64941a6fc8b0ed9b
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:49:5
   7:     0x55c8d41767f2 - std::sys_common::backtrace::print::hcf25e43e1a9b0766
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:36:9
   8:     0x55c8d41767f2 - std::panicking::default_hook::{{closure}}::h78d3e6cf97fc623d
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:211:50
   9:     0x55c8d41763d5 - std::panicking::default_hook::hda898f8d3ad1a5ae
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:228:9
  10:     0x55c8d4176e43 - std::panicking::rust_panic_with_hook::h1a5ea2d6c23051aa
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:606:17
  11:     0x55c8d4176b32 - std::panicking::begin_panic_handler::{{closure}}::h07f549390938b73f
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:500:13
  12:     0x55c8d4174404 - std::sys_common::backtrace::__rust_end_short_backtrace::h5ec3758a92cfb00d
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:139:18
  13:     0x55c8d4176899 - rust_begin_unwind
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:498:5
  14:     0x55c8d3bec181 - core::panicking::panic_fmt::h3a79a6a99affe1d5
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/panicking.rs:116:14
  15:     0x55c8d3bec0cd - core::panicking::panic::h97167cd315d19cd4
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/panicking.rs:48:5
  16:     0x55c8d3c615f7 - apkeep::main::{{closure}}::haea92ef1e07077bc
  17:     0x55c8d3cf4cc8 - tokio::park::thread::CachedParkThread::block_on::h5936f68a762c7fb9
  18:     0x55c8d3cca65d - tokio::runtime::thread_pool::ThreadPool::block_on::h733851653c9e1e7f
  19:     0x55c8d3c396f0 - tokio::runtime::Runtime::block_on::h1c507136206fb4b1
  20:     0x55c8d3bf3a8f - apkeep::main::h45d5df049dd7a7b0
  21:     0x55c8d3ce14c3 - std::sys_common::backtrace::__rust_begin_short_backtrace::h2e8e9baaeee364be
  22:     0x55c8d3c1c1e9 - std::rt::lang_start::{{closure}}::hb5611eb8782ae681
  23:     0x55c8d4173610 - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h443f738a8e9f947a
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/ops/function.rs:259:13
  24:     0x55c8d4173610 - std::panicking::try::do_call::h1e21ba261ba489ec
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:406:40
  25:     0x55c8d4173610 - std::panicking::try::h6afd48af8b6c96ac
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:370:19
  26:     0x55c8d4173610 - std::panic::catch_unwind::h85dd95e0bab7fb60
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panic.rs:133:14
  27:     0x55c8d4173610 - std::rt::lang_start_internal::{{closure}}::h038455e697c8b03e
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/rt.rs:128:48
  28:     0x55c8d4173610 - std::panicking::try::do_call::h6b0ad65979f3077a
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:406:40
  29:     0x55c8d4173610 - std::panicking::try::h010108d314169ac6
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:370:19
  30:     0x55c8d4173610 - std::panic::catch_unwind::hff397f912b1535c2
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panic.rs:133:14
  31:     0x55c8d4173610 - std::rt::lang_start_internal::h52e73755f77c7dd9
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/rt.rs:128:20
  32:     0x55c8d3bfa992 - main
  33:     0x7f3bd0d9bd0a - __libc_start_main
  34:     0x55c8d3bec8fa - _start
  35:                0x0 - <unknown>
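One way to implement the stdin, --password-env and --password-file ideas listed above, as an added example in Rust that is not apkeep's own code: the `PasswordSource` enum, `read_password`, `check_private` and `first_line` names are assumptions made here for illustration. The reader is passed in rather than taken from `std::io::stdin()` inside the function so the logic can be exercised offline with a `Cursor`. Two caveats a practitioner would want: on Linux an environment variable is still readable by the same user (and root) through /proc/PID/environ, but unlike argv it is not world-readable the way `ps auxww` shows; and a password file must not be group- or world-readable, which the file branch enforces before reading it.

```rust
use std::fs;
use std::io::BufRead;
use std::path::Path;

/// Where to fetch the credential from. The option names in the comments
/// (--password-env, --password-file, stdin) are the ones proposed in the
/// issue; this enum and the functions below are illustrative, not apkeep's code.
#[derive(Debug, Clone, PartialEq)]
pub enum PasswordSource {
    /// --password-env NAME: read the named environment variable.
    Env(String),
    /// --password-file PATH: read the first line of PATH (must be mode 0600).
    File(String),
    /// Read the first line of standard input (e.g. `echo "$PW" | apkeep ...`).
    Stdin,
}

/// Reject secret files that other users could read. Unix only; on other
/// platforms the check is skipped.
#[cfg(unix)]
fn check_private(path: &Path) -> Result<(), String> {
    use std::os::unix::fs::PermissionsExt;
    let mode = fs::metadata(path)
        .map_err(|e| format!("{}: {e}", path.display()))?
        .permissions()
        .mode();
    if mode & 0o077 != 0 {
        return Err(format!(
            "{}: mode {:o} is group/world accessible; chmod 600 it",
            path.display(),
            mode & 0o777
        ));
    }
    Ok(())
}

#[cfg(not(unix))]
fn check_private(_path: &Path) -> Result<(), String> {
    Ok(())
}

/// Keep only the first line and drop the trailing newline that `echo` or an
/// editor leaves behind, so a piped value and a file ending in '\n' both work.
fn first_line(raw: &str) -> Result<String, String> {
    let pw = raw.lines().next().unwrap_or("").to_string();
    if pw.is_empty() {
        return Err("empty password".to_string());
    }
    Ok(pw)
}

/// Resolve the password without it ever appearing in argv. `stdin` is any
/// BufRead so a test can drive it with a Cursor instead of the real terminal.
pub fn read_password<R: BufRead>(source: &PasswordSource, mut stdin: R) -> Result<String, String> {
    match source {
        PasswordSource::Env(name) => {
            // Visible in /proc/PID/environ to the same user only, not in `ps`.
            let v = std::env::var(name).map_err(|e| format!("${name}: {e}"))?;
            first_line(&v)
        }
        PasswordSource::File(path) => {
            let p = Path::new(path);
            check_private(p)?;
            let raw = fs::read_to_string(p).map_err(|e| format!("{}: {e}", p.display()))?;
            first_line(&raw)
        }
        PasswordSource::Stdin => {
            let mut line = String::new();
            stdin.read_line(&mut line).map_err(|e| format!("stdin: {e}"))?;
            first_line(&line)
        }
    }
}

fn main() {
    // Stand-alone demo: `echo mysecretpw | cargo run` prints only the length,
    // so the secret is neither in `ps` output nor echoed back to the terminal.
    let stdin = std::io::stdin();
    match read_password(&PasswordSource::Stdin, stdin.lock()) {
        Ok(pw) => println!("got a {}-character password", pw.chars().count()),
        Err(e) => eprintln!("error: {e}"),
    }
}
```

With a prompt (as the maintainer added) or any of these sources, the shell line from the report becomes `echo "$GOOGLE_PLAY_PASSWORD" | apkeep --username "$GOOGLE_PLAY_USERNAME" ...`, and `ps auxww` no longer shows the value, since `echo` is a shell builtin and the variable never reaches argv.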

I added a user prompt for username / password in b325597

I'm going to introduce a config file where this can be specified as well.

I just introduced this feature in 768c0b7, see https://github.com/EFForg/apkeep/blob/master/USAGE-google-play.md for usage details

Usage around this feature might change before next release as I just realized the configparser dependency is unmaintained. Maybe there's a drop-in replacement, though.

I think I can do that. The short-flag namespace is getting pretty crowded though, with -c and -o taken...

Great! long-only is fine by me, e.g. --config /tmp/asdfasdf.

6201db9 provides the ini flag to specify the path to a configuration file.

Looks good, I'll try it out once there is a release :)

Okay, I'll aim to make a release today.