Comment 1 for bug 1571714

I know we'd been trying to get away from this, but maybe we should pass the args param through mask_dict_password before logging it?

https://github.com/openstack/oslo.utils/blob/da8d3c3bbcb640d91e2b014345387b532cc9978f/oslo_utils/strutils.py#L340

That seems like the param where people are most likely to accidentally pass private data. The rest are more explicit, in general.

I guess the alternative is to treat this as user error and change oslo.messaging to pass only the fields it's actually logging. Or we could do both. Mask the passwords we can, but also change oslo.messaging to not pass the sensitive data in the first place. We could also add a strong warning to the oslo.log documentation that anything in the args structure may be exposed by some formatters.

That way we fix what we can in oslo.log but also establish a new best practice for logging parameters.

As this is a rather old security bug, I probably need to check with the VMT to see how to proceed. Once the patches are posted this will have to become public knowledge. Any input from the rest of oslo-coresec is also welcome.