Nethvoice, Nethvoice-proxy: Don't use NS8's default environment for sensitive data
andrea-marchionni opened this issue · 0 comments
andrea-marchionni commented
Environment variables written using agent.set_env() are stored in NS8 Redis and are readable by everyone. We need to avoid to use agent.set_env() for sensitive variables.
One Proposed solution is to write configuration to a json file, backup it, and write configuration to environment on module configure.
Another solution is to use core functions read_envfile/write_envfile, to store sensitive variables.
Implementing this will probably cause regressions in installation, backup and restore, migration from 7 and move/clone from node to node.
Actions to modify:
- create-module
- configure-module
- update-module
- import-module
- transfert-state (seems nothing to do, we just stop services)
- clone-module
- restore-module
- bin