Skip to content

Automatically test that any administration password is not leaked in plaintext into the system

We manually test that $TAILS_USER_PASSWORD is not set in some (shell) environments, but we could perhaps take it one step further by dumping the testing VMs memory and grep the dump for the password? I’m not sure how valid that is vs encodings, etc. so I guess we’d need an anti-test verifying that the approach works for other environment variables.

Parent Task: #10250

Original created by @anonym on 10275 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information