[Openstack-security] [Bug 1172195] Re: admin_token and LDAP password show up in log in DEBUG mode

Thierry Carrez thierry.carrez+lp at gmail.com
Thu May 2 12:23:22 UTC 2013 

** Also affects: keystone/grizzly
   Importance: Undecided
       Status: New

** Changed in: keystone/grizzly
       Status: New => In Progress

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1172195

Title:
  admin_token and LDAP password show up in log in DEBUG mode

Status in OpenStack Identity (Keystone):
  Fix Committed
Status in Keystone grizzly series:
  In Progress

Bug description:
  This is a by-product of bug 1168252.

  Keystone auth_token and LDAP password are not market "secret" so they
  appear in DEBUG level logs:

  (keystone-all): 2013-04-23 23:17:09,101 DEBUG cfg log_opt_values admin_token                    = 111222333444
  (keystone-all): 2013-04-23 23:17:09,108 DEBUG cfg log_opt_values ldap.password                  = None

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1172195/+subscriptions

More information about the Openstack-security mailing list