[Openstack-security] [Bug 1172195] Re: admin_token and LDAP password show up in log in DEBUG mode
OpenStack Hudson
1172195 at bugs.launchpad.net
Thu May 2 18:24:57 UTC 2013
Reviewed: https://review.openstack.org/27980
Committed: http://github.com/openstack/keystone/commit/c5037dd6b82909efaaa8720e8cfa8bdb8b4a0edd
Submitter: Jenkins
Branch: stable/grizzly
commit c5037dd6b82909efaaa8720e8cfa8bdb8b4a0edd
Author: Xuhan Peng <xuhanp at cn.ibm.com>
Date: Fri Apr 12 16:19:37 2013 +0800
Mark LDAP password and admin_token secret
Add secret=True to LDAP password and admin_token
of keystone configuration.
Fix bug #1172195
Change-Id: I8ef7f705e3f6b374ff427c20eb761892d5146a75
(cherry picked from commit d43e2a51a1ed7adbed3c5ddf001d46bc4a824ae8)
** Changed in: keystone/grizzly
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1172195
Title:
admin_token and LDAP password show up in log in DEBUG mode
Status in OpenStack Identity (Keystone):
Fix Committed
Status in Keystone grizzly series:
Fix Committed
Bug description:
This is a by-product of bug 1168252.
Keystone auth_token and LDAP password are not market "secret" so they
appear in DEBUG level logs:
(keystone-all): 2013-04-23 23:17:09,101 DEBUG cfg log_opt_values admin_token = 111222333444
(keystone-all): 2013-04-23 23:17:09,108 DEBUG cfg log_opt_values ldap.password = None
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1172195/+subscriptions
More information about the Openstack-security
mailing list