On Thu, 27 Jun 2024 at 09:45, Even Rouault <even.roua...@spatialys.com> wrote: > > Hi Nyall, > > > Reading through the vrt schema, I see that there's currently support > > for open options for sources, but I can't see any support documented > > for VSI credential options. > > > > Has this been considered in the past? > not that I'm aware of > > I'm unsure if it's an omission > > by design (i.e. preventing plain text storage of credentials in a VRT) > > or a feature request... > > Some analysis should be done because there might *potentially* be a > security impact in doing that (besides just leaking secrets).
Ok, that was my gut feeling, so thanks for the confirmation! > What kind of scenario do you have in mind? Sharing a VRT with sources > that use AWS_NO_SIGN_REQUEST=YES ? I can imagine that there's potentially a use case for internal use within an organisation with some sensitive, organisation wide credentials embedded. But allowing the various *_NO_SIGN_REQUEST options would easily be the most common use case (and should(?!) come with no security concerns). > > I would say if we'd allow to set path specific option in a VRT it would > probably be prudent to restrict them to a allow-list to be on the safe > side. Although that would be a bit annoying to maintain because each > time one would introduce a new path specific option, one should extend > the allow-list with it That'd be a compelling argument to supporting *_NO_SIGN_REQUEST only. Thanks for the insights! Nyall > > Even > > -- > > http://www.spatialys.com > My software is free, but my time generally not. > _______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/gdal-dev
