trove writes sensitive credentials information in log in debug mode
Bug #1221902 reported by
Saurabh Surana
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack DBaaS (Trove) |
Fix Released
|
Critical
|
Vipul Sabhaya |
Bug Description
Trove services write credentials information in trove logs when logging is setup to debug mode.
We don't set secret flag in oslo.config.cfg, which will sanitizes the sensitive parameter while logging them.
Changed in trove: | |
milestone: | none → havana-rc1 |
importance: | Undecided → Critical |
Changed in trove: | |
milestone: | havana-rc1 → 2013.2 |
To post a comment you must log in.
following parameters should be set secret:
nova_proxy_ admin_pass admin_tenant_ name admin_user
nova_proxy_
nova_proxy_
sql_connection
dns_passkey
dns_username
rabbit_userid
rabbit_password