Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feat] password sanitizer #14

Closed
simonmysun opened this issue Aug 2, 2024 · 2 comments
Closed

[feat] password sanitizer #14

simonmysun opened this issue Aug 2, 2024 · 2 comments
Labels
enhancement New feature or request v0.2

Comments

@simonmysun
Copy link
Owner

As suggested by https://news.ycombinator.com/item?id=41139049 the terminal history should be sanitized before sending to LLM backend. This can be done with a pre llm hook.

Code for reference: https://github.com/closedloop-technologies/autocomplete-sh/blob/1bd533a22379f2ebf0e1f31c39b11b8b2089a510/autocomplete.sh#L149

Will a heoristic sanitizer be easy and worth to inplement?
@simonmysun simonmysun added enhancement New feature or request v0.2 labels Aug 2, 2024
@simonmysun
Copy link
Owner Author

Additionally, like, e.g. 7z, consider rewrite argv with exec -a or other methods to sanitize the cmdline of the process, so that on multi user systems passing API key via command line will be a little bit safer.

This will be probably not implemented because it barely increase the security level and need investigation on whether and how it should be done.

simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
add tests for redaction plugin #14
8a8294b
simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
add document for redaction plugin #14
f535868
@simonmysun
Copy link
Owner Author

This will be probably not implemented because it barely increase the security level and need investigation on whether and how it should be done.

From what I know so far, modifying argv in C programs successfully changes /proc/<pid>/cmdline, but I couldn't find a way to do it in bash. exec -a doesn't work.

I should add a tip in document to remind users not to pass keys via CLI parameters while in a multi-user system.

simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
#14 add tip in docs to remind user not to use commandline arguments i…
29d532e 
…n multi-user environments
simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
Merge pull request #41 from simonmysun/feat-redaction
74117ea 
#14 add tip in docs to remind user not to use commandline arguments i…
simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
#14 also add tip in usage output
b58bdb9
simonmysun added a commit that referenced this issue Jan 29, 2025
@simonmysun
Merge pull request #42 from simonmysun/feat-redaction
b96a787 
#14 also add tip in usage output
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request v0.2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@simonmysun