[Openstack-security] [Bug 1761538] Re: Cookie hash value displayed in rabbitmq logs

Divya K Konoor dikonoor at in.ibm.com
Thu Apr 5 16:25:41 UTC 2018


But logging this Erlang Cache could have a security impact on OpenStack

-- 
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1761538

Title:
  Cookie hash value displayed in rabbitmq logs

Status in OpenStack Identity (keystone):
  New

Bug description:
  ENabled rabbitmq debug and restarted the process. Found sensitive data
  displayed in logs.

  rabbitmq uses Erlang cookie concept where a cluster of nodes
  communicates to each other. Any node that posses this secret cookie
  can communicate with other nodes in the cluster.

  
  =INFO REPORT==== 31-Mar-2018::03:28:46 ===
  stopped SSL Listener on [::]:5671

  =INFO REPORT==== 31-Mar-2018::03:28:46 ===
  Stopped RabbitMQ application

  =INFO REPORT==== 31-Mar-2018::03:28:46 ===
  Halting Erlang VM

  =INFO REPORT==== 31-Mar-2018::03:29:54 ===
  Starting RabbitMQ 3.6.6 on Erlang 19.1.1
  Copyright (C) 2007-2016 Pivotal Software, Inc.
  Licensed under the MPL.  See http://www.rabbitmq.com/

  =INFO REPORT==== 31-Mar-2018::03:29:54 ===
  node           : rabbit at ip9-114-192-221
  home dir       : /var/lib/rabbitmq
  config file(s) : /etc/rabbitmq/rabbitmq.config
  cookie hash    : RVLZk6qSkQ471Dqtfk14wA==
  log            : /var/log/rabbitmq/rabbit at ip9-114-192-221.log
  sasl log       : /var/log/rabbitmq/rabbit at ip9-114-192-221-sasl.log
  database dir   : /var/lib/rabbitmq/mnesia/rabbit at ip9-114-192-221

  =INFO REPORT==== 31-Mar-2018::03:29:57 ===
  Memory limit set to 3876MB of 9690MB total.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1761538/+subscriptions




More information about the Openstack-security mailing list