trove writes sensitive credentials information in log in debug mode

Bug #1221902 reported by Saurabh Surana
This bug affects 1 person
Affects: OpenStack DBaaS (Trove)
Status: Fix Released
Importance: Critical
Assigned to: Vipul Sabhaya

Bug Description

Trove services write credential information to the Trove logs when logging is set up in debug mode.

We don't set the secret flag in oslo.config.cfg, which would sanitize the sensitive parameters while logging them.

Saurabh Surana (saurabh-surana) wrote :

The following parameters should be set secret:

nova_proxy_admin_pass
nova_proxy_admin_tenant_name
nova_proxy_admin_user
sql_connection
dns_passkey
dns_username
rabbit_userid
rabbit_password

Denis M. (dmakogon) wrote :

I see what you mean, but (!) Trove, as a fully distributed service, allows the user to interact with trove-api only via the client, without directional access to the instance where the API works. So the user cannot access log files or other and has no ability to read logs. So it is not necessary to make these parameters secured.

OpenStack Infra (hudson-openstack) wrote : Fix proposed to trove (master)

Fix proposed to branch: master
Review: https://review.openstack.org/45985

Changed in trove:
assignee: nobody → Vipul Sabhaya (vipuls)
status: New → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to trove (master)

Reviewed: https://review.openstack.org/45985
Committed: http://github.com/openstack/trove/commit/f1661b7791ee5cef346b416e8488504ae3aa86a2
Submitter: Jenkins
Branch: master

commit f1661b7791ee5cef346b416e8488504ae3aa86a2
Author: Vipul Sabhaya <email address hidden>
Date: Tue Sep 10 18:07:31 2013 -0700

    Mark sensitive cfg options with secure flag

    * Marks sensitive cfg options with the secure attribute
      which prevents them from being logged in the clear

    fixes bug#1221902

    Change-Id: I86887e58f3fc11cdbbe95d90da9458143c70ec67

Changed in trove:
status: In Progress → Fix Committed
Changed in trove:
milestone: none → havana-rc1
importance: Undecided → Critical
OpenStack Infra (hudson-openstack) wrote : Fix proposed to trove (milestone-proposed)

Fix proposed to branch: milestone-proposed
Review: https://review.openstack.org/46374

OpenStack Infra (hudson-openstack) wrote : Fix merged to trove (milestone-proposed)

Reviewed: https://review.openstack.org/46374
Committed: http://github.com/openstack/trove/commit/d686c48910f0966b2d64f7055d5956c55b9501c9
Submitter: Jenkins
Branch: milestone-proposed

commit d686c48910f0966b2d64f7055d5956c55b9501c9
Author: Vipul Sabhaya <email address hidden>
Date: Tue Sep 10 18:07:31 2013 -0700

    Mark sensitive cfg options with secure flag

    * Marks sensitive cfg options with the secure attribute
      which prevents them from being logged in the clear

    fixes bug#1221902

    Change-Id: I86887e58f3fc11cdbbe95d90da9458143c70ec67
    (cherry picked from commit f1661b7791ee5cef346b416e8488504ae3aa86a2)

Changed in trove:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in trove:
milestone: havana-rc1 → 2013.2
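
An added example (not code from Trove or from this bug's fix): a stdlib-only audit that parses Python source and reports oslo.config option definitions whose names look sensitive but are not declared with `secret=True`. The name pattern and the sample definitions are assumptions constructed for illustration; the pattern is chosen to cover the eight options listed in the report.

```python
import ast
import re

# Name fragments treated as sensitive; an assumption of this example, chosen to
# cover the eight options listed in the bug report.
SENSITIVE = re.compile(r"pass|secret|token|user|tenant|connection", re.I)

# Constructed sample of option definitions (not Trove's actual source).
SAMPLE = '''
from oslo.config import cfg
opts = [
    cfg.StrOpt('sql_connection', default='sqlite:///trove_test.sqlite'),
    cfg.StrOpt('nova_proxy_admin_pass', default='', secret=True),
    cfg.StrOpt('rabbit_password', default='guest', secret=False),
    cfg.StrOpt('dns_passkey', default=''),
    cfg.IntOpt('bind_port', default=8779),
]
'''

def _is_secret(call):
    """True only when the call passes the literal keyword secret=True."""
    for kw in call.keywords:
        if kw.arg == "secret":
            return isinstance(kw.value, ast.Constant) and kw.value.value is True
    return False

def unprotected_options(source):
    """Return sorted names of sensitive-looking *Opt definitions lacking secret=True."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and node.args):
            continue
        func = node.func
        ctor = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", "")
        first = node.args[0]
        if not ctor.endswith("Opt") or not isinstance(first, ast.Constant):
            continue
        name = first.value
        if isinstance(name, str) and SENSITIVE.search(name) and not _is_secret(node):
            found.add(name)
    return sorted(found)

if __name__ == "__main__":
    for name in unprotected_options(SAMPLE):
        print("missing secret=True:", name)
```

The source is only parsed, never imported or executed, so the check can run in CI over a configuration module without oslo.config installed.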