Trust id is not hidden in logs

Bug #1472331 reported by Ekaterina Chernova
Affects | Status | Importance | Assigned to | Milestone
Murano | Fix Released | High | Lin Yang |
Kilo | Fix Committed | High | Kirill Zaitsev |

Bug Description

When murano creates trusts and operates with data that contains them, the value of the trust is not hidden:

 "SystemData": {"TrustId": "d5f1261a5a4f482d9c65a01bd385255b"}}, "token": "*** SANITIZED ***",

Need to use *** like it's done with token

Changed in murano:
milestone: 2014.2.3 → liberty-2
tags: added: security
tags: added: low-hanging-fruit
Lin Yang (lin-a-yang)
Changed in murano:
assignee: nobody → Lin Yang (lin-a-yang)
Lin Yang (lin-a-yang)
Changed in murano:
status: Confirmed → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to murano (master)

Reviewed: https://review.openstack.org/199407
Committed: https://git.openstack.org/cgit/openstack/murano/commit/?id=8933765635d01c2bcc3f6679e0ab8c0b9e448a3b
Submitter: Jenkins
Branch: master

commit 8933765635d01c2bcc3f6679e0ab8c0b9e448a3b
Author: Lin Yang <email address hidden>
Date: Wed Jul 8 13:53:15 2015 +0800

    Hide TrustId in log to tighten up security

    Currently the value of TrustId is shown in plaintext in the log when murano
    creates trusts and operates with data. So add 'trustid' in token_sanitizer to
    hide it like token and pass.

    Closes-Bug: #1472331

    Change-Id: I1e9ea8298a7ffd9aa742cf73fada69db3a734712
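
The change described in the commit message above, as an added example that is not murano's own code: a recursive key-name sanitizer run over a payload with the marker list before and after 'trustid' is added. The function names, the marker tuples and the sample payload are assumptions constructed for illustration.

```python
import json

MASK = "*** SANITIZED ***"
BEFORE_FIX = ("token", "pass")            # key markers named in the commit message
AFTER_FIX = ("token", "pass", "trustid")  # the fix adds 'trustid'

# Constructed payload shaped like the log excerpt in the bug description.
TRUST_ID = "0123456789abcdef0123456789abcdef"
SAMPLE = {
    "model": {
        "Objects": {"name": "env"},
        "SystemData": {"TrustId": TRUST_ID},
    },
    "token": "constructed-token",
    "services": [{"adminPassword": "constructed-password"}],
}
SECRETS = [TRUST_ID, "constructed-token", "constructed-password"]


def sanitize(obj, markers):
    """Return a copy of obj in which any value whose key contains a marker is masked."""
    if isinstance(obj, dict):
        return {
            key: MASK
            if isinstance(key, str) and any(m in key.lower() for m in markers)
            else sanitize(value, markers)
            for key, value in obj.items()
        }
    if isinstance(obj, list):
        return [sanitize(item, markers) for item in obj]
    if isinstance(obj, tuple):
        return tuple(sanitize(item, markers) for item in obj)
    return obj


def leaked(obj, secrets=SECRETS):
    """List the secrets that would still appear if obj were written to a log."""
    text = json.dumps(obj)
    return [s for s in secrets if s in text]


if __name__ == "__main__":
    print("before fix:", leaked(sanitize(SAMPLE, BEFORE_FIX)))
    print("after fix: ", leaked(sanitize(SAMPLE, AFTER_FIX)))
```

Matching here is on key names only, so a trust id stored under a differently spelled key such as `trust_id`, or embedded inside a string value, would still reach the log.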

Changed in murano:
status: In Progress → Fix Committed
tags: added: kilo-backport-potential
OpenStack Infra (hudson-openstack) wrote : Fix proposed to murano (stable/kilo)

Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/200286

OpenStack Infra (hudson-openstack) wrote : Fix merged to murano (stable/kilo)

Reviewed: https://review.openstack.org/200286
Committed: https://git.openstack.org/cgit/openstack/murano/commit/?id=484fc244c99968738eb53815174b90dbb8e93554
Submitter: Jenkins
Branch: stable/kilo

commit 484fc244c99968738eb53815174b90dbb8e93554
Author: Lin Yang <email address hidden>
Date: Wed Jul 8 13:53:15 2015 +0800

    Hide TrustId in log to tighten up security

    Currently the value of TrustId is shown in plaintext in the log when murano
    creates trusts and operates with data. So add 'trustid' in token_sanitizer to
    hide it like token and pass.

    Closes-Bug: #1472331

    Change-Id: I1e9ea8298a7ffd9aa742cf73fada69db3a734712

tags: added: in-stable-kilo
Changed in murano:
status: Fix Committed → Fix Released
Changed in murano:
milestone: liberty-2 → 1.0.0
Changed in murano:
milestone: 1.0.0 → 1.0.1
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/murano 2015.1.1

This issue was fixed in the openstack/murano 2015.1.1 release.

OpenStack Infra (hudson-openstack) wrote :

This issue was fixed in the openstack/murano 2015.1.1 release.
