Comment 4 for bug 1570221
Revision history for this message
| Mahara Bot (dev-mahara) wrote A change has been merged | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.04_STABLE
commit cadbbf5c0c771ec
Author: Aaron Wells <email address hidden>
Date: Thu Apr 14 19:52:42 2016 +1200
Bug 1570221 Don't print parameter values to logs when in production mode
The best way to prevent sensitive data from being printed to the logs
is to avoid printing the value of *any* parameter. For instance, a
password parameter may have an unusual name, or it may be passed
through a general-purpose function like "strlen()".
Since parameter values are useful for debugging, we can still print
them when not in production mode (although with known password
params still scrubbed out).
Note this patch both scrubs likely password params, and hides their
scrubbed value. That's mostly because I'm lazy, but it also obscures
the password's actual length.
Change-Id: I4a1ab4c89a169c
behatnotneeded: Can't test with behat
(cherry picked from commit 9a2972495d55c55