Accepting a password on the command line is unsafe

[rgov]

origin/pkg/oc/cli/login/login.go

Line 44 in e5c7d40

%[1]s login localhost:8443 --username=myuser --password=mypass`)

This ought to be removed or at the least there should to be a warning here that this is unsafe. Command line arguments are not protected from sniffing by other users (say, with ps). Environment variables are not exposed in the same way.

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[rgov]

/lifecycle frozen

Security issues should not be closed out for being stale.