[Security Feature Request] Sensitive Variables should be SecureString instead of String

Hi guys,

There is an option to make variables sensitive. If so, variable isn’t accessable through API or Web-UI/Octopus.Client.dll. That sounds great!
But there is still a gap. When we pass sensitive variable to Script (e.g. custom deployment script option) it is a plain string. So, script can write this string to a file or a web socket and this is a realy bad thing.

We would be very appreciated if you could change this behaviour and pass sensitive variables as SecureString instead of plain string.
This little improvement could close security hole.

Thank you in advance!

Kind regards,
Denis Titusov

Hi Denis,

Thank you for raising this. We’ve discussed it internally, and many people rely on the sensitive variables being in plain text so they can write them to a file (such as web.config).

We could however add this as an additional feature, say “Secure Variables”. The best place to raise this would be our UserVoice so that other customers can have their input.

Other than helping script writers fall into the pit of success, I’m unclear this would add much to the security. Could the script not just do the following to get the plain text and then write it to a file/socket?

(New-Object PSCredential "user",$password).GetNetworkCredential().Password

Regards,

Robert W