Allow for User-Defined Encryption Key #5822
JosephAllen
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Is your feature request related to a problem? Please describe.
Rogue processes can interact with authenticated orgs using the CLI as a dumb proxy.
Describe the solution you'd like
Enable a user-defined encryption key. Perhaps something where a user would enter an encryption key manually when a project is opened instead of storing the key in the key-chain or file system.
This would allow for commands to be executed using in memory tokens and would mitigate the ability of a rogue VS Code extension or local process from executing nefarious commands.
Describe alternatives you've considered
Encrypt the content of the various alias files (on top of the in file token encryption.
Additional context
Any local shell process can run the CLI for good or bad purposes.
Beta Was this translation helpful? Give feedback.
All reactions