Automatically test that any administration password is not leaked in plaintext into the system
We manually test that $TAILS_USER_PASSWORD
is not set in some (shell)
environments, but we could perhaps take it one step further by dumping
the testing VMs memory and grep the dump for the password? I’m not sure
how valid that is vs encodings, etc. so I guess we’d need an anti-test
verifying that the approach works for other environment variables.
Parent Task: #10250
Original created by @anonym on 10275 (Redmine)