Comment 16 for bug 1343604

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to oslo-incubator (master)

Reviewed: https://review.openstack.org/109417
Committed: https://git.openstack.org/cgit/openstack/oslo-incubator/commit/?id=63c99a0fd5fa7f60b33c7fa756020e5562b6afb0
Submitter: Jenkins
Branch: master

commit 63c99a0fd5fa7f60b33c7fa756020e5562b6afb0
Author: Amrith Kumar <email address hidden>
Date: Thu Jul 24 17:04:42 2014 -0400

    Mask passwords in exceptions and error messages

    When a ProcessExecutionError is thrown by processutils.execute(), the
    exception may contain information such as password. Upstream
    applications that just log the message (as several appear to do) could
    inadvertently expose these passwords to a user with read access to the
    log files. It is therefore considered prudent to invoke
    strutils.mask_password() on the command, stdout and stderr in the
    exception. A test case has been added to ensure that all three are
    properly masked.

    OSSA is aware of this change request.

    Submitted to oslo.concurrency in
    Ie122db5f19802f519b96ed024ab3f2b5eede3eee

    Change-Id: I173dfb865e84eb7dee54a22c76db1e4f125a0a8a
    Closes-Bug: #1343604