Comments (5)
boredazfcuk
commented on May 27, 2024
There's no variable that can be set which would switch it off, unfortunately.
In the first releases of my code I only printed ***** in the logs, but I changed that after I wasted half a day due to an incorrect password.
Printing the plain text in the log file doesn't make a difference as only the root user has access to the container log files location. If the root use wants to see the Apple ID's credentials, a quick docker inspect <whatever the container is named> | grep apple will reveal them. No need to trawl through the logs.
from docker-icloudpd.
boredazfcuk
commented on May 27, 2024
Well, I've created a new version that will save the credentials (in plain text) to a file in the /config directory, All it really does is move the problem from the log files directory to the config directory. It dies prevent it being stored in a docker variable though so it can no longer be found through a docker inspect <container name> though, so that's an improvement, of sorts
However, while I have been testing this, I've noticed a far larger security problem. When the script runs the Python command to download the photos, and user can just ps -ef | grep password and they will be able to see the credentials that are passed on the command line. If you're concerned about security, then it's probably best if you avoid using this.
I did look at storing the credentials in the system/Python keyrings quite a while ago but found neither worked and just bombed the application out with an error. I didn't spend much time investigating as I'd got a working solution. I think I should probably revisit it now I know it's leaking credentials.
from docker-icloudpd.
boredazfcuk
commented on May 27, 2024
I've implemented keyring stored passwords now and it's working. I just need to test that the old method still works and that switching to keyring stored passwords works OK.
Problem is that my account has been throttled for too many downloads. Hopefully it'll clear in a few hours/days.
from docker-icloudpd.
BoxOfSnoo
commented on May 27, 2024
Fantastic! I will watch for it, appreciate your work.
from docker-icloudpd.
boredazfcuk
commented on May 27, 2024
Gives me something to do during the COVID lockdown!
I've just pushed the new version now. You'll have to either omit the apple_password option, or set it to usekeyring
Then launch the container interactively, like you do when you generated the 2FA cookie, and complete the keyring setup process. You'll have to enter a text authentication code from Apple like I did, presumably.
You should then see the password 'usekeyring' in the logs instead of the actual password.
The keyring password file will live in /config/python_keyring/ so it persists across container re-creations. If you check it, the password inside is encrypted.
from docker-icloudpd.
Related Issues (20)
- Permission Denied HOT 2
- Failed check for new files files Failed to execute script 'icloudpd' due to unhandled exception! HOT 3
- Error: Invalid value for '-d' / '--directory': Path '/home/apps/iCloud' is not readable HOT 3
- Docker compose setup
- Telegram Bot has not been initialised or needs reinitialising HOT 2
- auto_delete not deleting photos HOT 4
- icloud.com.cn : Failed to download new files HOT 13
- Error debug - traceroute: bad address 'icloud.com.cn' HOT 1
- Remote Re-authentication error HOT 8
- Connection error in the log HOT 2
- Telegram support for multiple docker containers HOT 1
- Container Not Downloading (No Errors) HOT 1
- error HOT 2
- Error: Invalid value for '-d' / '--directory': Path is not readable HOT 2
- Failed to execute script 'icloud' due to unhandled exception! HOT 5
- Update broke .mounted file HOT 1
- 'tzlocal() does not support non-zoneinfo timezones
- These log messages indicate errors that occurred while attempting to log in to iCloud, including an invalid email/password combination, as well as the inability to find the stored password in the system's keychain. The fact is that the password is entirely correct, and the login attempts are being made in China. Despite numerous attempts, the issue remains unresolved. HOT 4
- how to use reauth.sh now HOT 1
- using folder in icloud HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-icloudpd.