Unwanted display of `wallet_password` in logs from the `beekeeper_api.unlock` method.
During the wallet unlocking process using the beekeeper_api.unlock
method, an entry is being generated in the stderr.log file, revealing the current wallet password.
1536414ms json_rpc_plugin.cpp:456 rpc ] message:
{
"jsonrpc": "2.0",
"method": "beekeeper_api.unlock",
"params": {
"token": "98b9180e57dbb1dd364d302caaa4a5fdc96e824e291f01afbbb00ec656a2c978",
"wallet_name": "my_only_wallet",
"password": "my_password"
},
"id": 1
}
Solution:
The password should be hidden, and inaccessible to people viewing the beekeeper
app work log.