openstack-manuals

Do not default pecan_debug to CONF.debug

Bug #1426168 reported by OpenStack Infra
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-manuals
Fix Released
Low
Ildiko Vancsa
openstack-manuals kilo

Bug Description

https://review.openstack.org/159591
commit b2a21fba08df7da1f7c82fd41e54797e38f2fd53
Author: Jim Rollenhagen <email address hidden>
Date: Tue Feb 24 21:56:53 2015 +0000

    Do not default pecan_debug to CONF.debug

    Pecan's debug mode can be terribly insecure; 500 errors return a
    Python traceback, the full list of environment variables, and a
    button to replay the request with a breakpoint.

    Deployers often run OpenStack services in debug mode; doing so should
    not open the service up to these flaws. Defaulting pecan_debug to
    CONF.debug makes this easy to accidentally do. So, default it to False
    rather than riding on top of CONF.debug.

    Change-Id: I70f9c9807d16aa50df4d5e16ba2a29575f8b165e
    Closes-Bug: #1425206
    DocImpact

Revision history for this message
Tom Fifield (fifieldt) wrote :

This will be picked up by the next run of autogenerate-config-docs - no need to manually fix.

Changed in openstack-manuals:
milestone: none → kilo
importance: Undecided → Low
status: New → Triaged
tags: added: autogenerate-config-docs
Ildiko Vancsa (ildiko-vancsa)
Changed in openstack-manuals:
assignee: nobody → Ildiko Vancsa (ildiko-vancsa)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/171099

Changed in openstack-manuals:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/171099
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=5ff09ddf7c66b5709d75cc951451c348725e48ca
Submitter: Jenkins
Branch: master

commit 5ff09ddf7c66b5709d75cc951451c348725e48ca
Author: Ildiko Vancsa <email address hidden>
Date: Tue Apr 7 11:16:09 2015 +0200

    Update Telemetry Config Ref for Kilo

    Update the config reference and generate conf-changes
    file for the Kilo release.

    Closes-Bug: #1438882
    Closes-Bug: #1421748
    Closes-Bug: #1429957
    Closes-Bug: #1430020
    Closes-Bug: #1430290
    Closes-Bug: #1426168
    Closes-Bug: #1433793

    Change-Id: Ic2348613cb13b0ad2fa622aaa04a44cec56b3e27

Changed in openstack-manuals:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/openstack-manuals 15.0.0

This issue was fixed in the openstack/openstack-manuals 15.0.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.