[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Iac16c6358250677544761beea9f5c5d8ba29afac
gerrit2 at review.openstack.org
Thu Sep 25 07:01:50 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/123954
Log:
commit ebeca911fa291e258c2c0b1ef55a26ff5ac009d2
Author: ankitagrawal <ankit11.agrawal at nttdata.com>
Date: Fri Sep 19 04:46:11 2014 -0700

Redact x-subject-token from response headers

When you invoke any OpenStack API of any of the OpenStack services
e.g. glance, neutron, cinder, heat, ceilometer, nova, keystone
then it logs readable x-subject-token at the debug log level in the
respective log files.

Simply redacting the x-subject-token in keystone client response header
before logging it.

SecurityImpact
Closes-Bug: #1371355
Change-Id: Iac16c6358250677544761beea9f5c5d8ba29afac
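
Added example, not part of the original message and not python-keystoneclient's own code: one way to redact a token-bearing response header before it reaches a debug log, as the commit message above describes. The header set, the `<redacted>` placeholder, the function names and the sample response are assumptions made for this example.

```python
import io
import logging

# Assumed set of token-bearing headers; the commit message names only x-subject-token.
SENSITIVE_HEADERS = frozenset({"x-subject-token"})
REDACTED = "<redacted>"  # placeholder text chosen for this example


def redact_headers(headers):
    """Return a copy of headers that is safe to log; names match case-insensitively."""
    return {
        name: (REDACTED if name.lower() in SENSITIVE_HEADERS else value)
        for name, value in headers.items()
    }


def log_response(logger, status, headers):
    """Log a response at debug level without exposing token headers."""
    if not logger.isEnabledFor(logging.DEBUG):
        return
    parts = ["RESP: [%d]" % status]
    parts += ["%s: %s" % (k, v) for k, v in sorted(redact_headers(headers).items())]
    logger.debug(" ".join(parts))


def demo():
    """Log a constructed response and return the captured log text."""
    stream = io.StringIO()
    logger = logging.getLogger("redaction_demo")
    logger.setLevel(logging.DEBUG)
    logger.propagate = False
    handler = logging.StreamHandler(stream)
    logger.addHandler(handler)
    try:
        # Constructed sample response; the token value is made up.
        headers = {
            "Content-Type": "application/json",
            "X-Subject-Token": "constructed-sample-token-0123456789",
            "Vary": "X-Auth-Token",
        }
        log_response(logger, 201, headers)
        # Redaction works on a copy: the caller still needs the real token.
        assert headers["X-Subject-Token"].startswith("constructed")
    finally:
        logger.removeHandler(handler)
    return stream.getvalue()


if __name__ == "__main__":
    print(demo(), end="")
```

Redacting a copy at the logging boundary keeps the real header available to the caller while the log line carries only the placeholder.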