python-oops-tools

The amqp2disk script exposes a password in the process table

Bug #894792 reported by Liam Young on 2011-11-25

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	python-oops-tools	Triaged	Low	Unassigned

Bug Description

When the amqp2disk script runs an entry like this is visible in the process table:

/usr/bin/python bin/amqp2disk --host <Host>:<Port> --password <Password>

Revision history for this message

Robert Collins (lifeless) wrote on 2011-11-28:

Yes it does. The maximum harm from someone knowing the password is that they can obtain OOPS reports. OOPS reports are sanitised on generation, so this is very low harm :).

Changed in launchpad:
status:	New → Triaged
importance:	Undecided → Low
affects:	launchpad → python-oops-tools

Revision history for this message

Gavin Panella (allenap) wrote on 2011-11-29:

Fwiw, txlongpoll had a similar problem. Julian addressed it using
setproctitle [1]:

        setproctitle.setproctitle(
            "txlongpoll: accepting connections on %s" %
                options["frontendport"])

[1] http://pypi.python.org/pypi/setproctitle

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.