rpc code logs plaintext/unsanitised request context
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Heat | Fix Released | High | Unassigned | |
oslo-incubator | Fix Released | High | Davanum Srinivas (DIMS) | |

Bug Description
The amqp rpc code logs unpacked context without sanitising credentials, so you end up with plaintext credentials in the logfile, e.g.:
2013-04-09 11:02:21.756 3250 DEBUG heat.openstack.
https:/
It would be good if you could select a debug loglevel without exposing this data.
Changed in heat:
status: New → Confirmed
status: Confirmed → Triaged
importance: Undecided → High
Changed in oslo:
milestone: none → havana-2
status: Fix Committed → Fix Released
Changed in heat:
assignee: nobody → andrew plunk (andrew-plunk)
Changed in oslo:
milestone: havana-2 → 2013.2
Changed in heat:
status: Triaged → Fix Committed
Changed in heat:
milestone: none → icehouse-1
status: Fix Committed → Fix Released
Changed in heat:
milestone: icehouse-1 → 2014.1
Hmm, the _safe_log function probably needs to be augmented a bit
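
One way to keep credentials out of a debug line like the one in the bug description, shown as an added example: it is not Heat's or oslo's code and not the `_safe_log` function mentioned above. The sensitive key names, the `_context_` prefix handling, the sample context and all function names are assumptions.

```python
import logging

# Assumed field names: the report does not list which context keys hold secrets.
SENSITIVE_KEYS = frozenset({"password", "auth_token", "aws_creds", "secret_key"})
MASK = "<SANITIZED>"

# Constructed sample context, not taken from the bug report.
SAMPLE_CTX = {
    "username": "demo",
    "tenant": "demo-tenant",
    "password": "s3cret",
    "_context_auth_token": "tok-123",
    "nested": {"aws_creds": "constructed-key", "roles": ["admin"]},
}


def is_sensitive(key):
    """True for a sensitive name, with or without a '_context_' prefix (assumed)."""
    name = str(key).lower()
    if name.startswith("_context_"):
        name = name[len("_context_"):]
    return name in SENSITIVE_KEYS


def sanitize_context(value):
    """Return a copy of value with sensitive fields masked at any depth."""
    if isinstance(value, dict):
        return {k: MASK if is_sensitive(k) else sanitize_context(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return type(value)(sanitize_context(v) for v in value)
    return value


def log_unpacked_context(logger, ctx_dict):
    """Log a context at DEBUG without writing credentials to the logfile."""
    # Only the masked copy is ever formatted; the caller's dict is untouched.
    if logger.isEnabledFor(logging.DEBUG):
        logger.debug("unpacked context: %s", sanitize_context(ctx_dict))


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    log_unpacked_context(logging.getLogger("rpc.example"), SAMPLE_CTX)
```

Masking a copy at the logging call keeps the debug level usable while the live context still carries the real credentials to the code that needs them.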