Instance root-password is logged in plain-text

Bug #920687 reported by Rick Harris on 2012-01-23
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Rick Harris
Russell Bryant

Bug Description

nova.rpc is logging the dict that is passed to the compute worker which contains the key `new_pass` that has the instance-root-password (if it's a set_admin_password operation).

The proposed fix is to sanitize the dictionary before logging and replacing the value with something like '<PASSWORD>'.

Changed in nova:
assignee: nobody → Rick Harris (rconradharris)
importance: Undecided → High
status: New → In Progress

Submitter: Jenkins
Branch: master

commit ccbc940211c348940ca9766ef60328302a080f9a
Author: Rick Harris <email address hidden>
Date: Mon Jan 23 23:08:04 2012 +0000

    Remove sensitive info from rpc logging.

    Fixes bug 920687

    Change-Id: Ic83145adcfe73c29a85e7916f2fda48d1bb5ccea

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2012-01-25
Changed in nova:
milestone: none → essex-3
status: Fix Committed → Fix Released

Submitter: Jenkins
Branch: stable/diablo

commit 552a53d49d7fbf190f1478b110f6934ebb0620c4
Author: Russell Bryant <email address hidden>
Date: Thu Feb 9 09:39:15 2012 -0500

    Don't log sensitive data in compute log file.

    Sanitize run_instance's admin_password argument from
    nova.rpc 'received' debug logging. Fixes bug 915025.

    Sanitize new_pass from set_admin_password. Fixes bug 920687.

    Manually merged from:

    Change-Id: I3af8263f88ef2e68d5d7f6d8c4824737fffcf461

tags: added: in-stable-diablo
Thierry Carrez (ttx) on 2012-04-05
Changed in nova:
milestone: essex-3 → 2012.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers