Infortrend driver logs password in commands
Bug #1708547 reported by
Walt Boring
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Medium
|
Walt Boring |
Bug Description
The Infortrend driver's cli_factory constructs a command to execute, which can include a password. When the command fails, the cli_factory logs the entire command line to the log file, leaving the password in clear text.
password line
https:/
command logged
https:/
Changed in cinder: | |
importance: | Undecided → Medium |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/490674
Review: https:/