oslo.utils

make the sanitization keys in mask_password dynamic

Bug #1433652 reported by Amrith Kumar on 2015-03-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	oslo.utils	Opinion	Undecided	Amrith Kumar

Bug Description

Currently the only way to sanitize a string with a new key is to update strutils and have a dependency on the version of strutils. It would be good to make this dynamic.

Amrith Kumar (amrith) on 2015-03-18

Changed in oslo.utils:
assignee:	nobody → Amrith (amrith)

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2015-03-18:

Would it? I'm afraid we would have different apps passing different dynamic values in, which would give them different levels of security. If we identify a string that needs to be masked out, don't we want it masked everywhere, including if it passes over RPC to another service?

Revision history for this message

Amrith Kumar (amrith) wrote on 2015-03-18:

Doug, I'm only implementing a mechanism to add new patterns that can be masked, no provision is made to remove existing patterns.

Amrith Kumar (amrith) on 2015-03-18

Changed in oslo.utils:
status:	New → Opinion

Revision history for this message

Matthew Van Dijk (mvandijk) wrote on 2015-03-18:

Keep the hardcoded list for common password keys. Just be able to dynamically add new keys that are scoped locally. The use case here was for uncommon cases. In these cases I think it is reasonable to expect the caller to know what uncommon keys they need to handle.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.