[Openstack-security] [Bug 1004114] Re: Password logging

OpenStack Infra 1004114 at bugs.launchpad.net
Thu Jul 24 21:31:00 UTC 2014 

Reviewed:  https://review.openstack.org/101792
Committed: https://git.openstack.org/cgit/openstack/python-keystoneclient/commit/?id=0e9ecaa1547306f7af6527126fb88f8151908498
Submitter: Jenkins
Branch:    master

commit 0e9ecaa1547306f7af6527126fb88f8151908498
Author: Jamie Lennox <jamielennox at redhat.com>
Date:   Wed Jun 18 10:22:10 2014 +1000

    Don't log sensitive auth data
    
    Add the ability to turn off logging from the session object and then
    handle logging of auth requests within their own sections.  This is a
    very simplistic ability to completely disable logging.  Logging more
    filtered debugging can be added later.
    
    This new ability is utilized in this patch to prevent logging of
    requests that include passwords.  This covers authenticate, password
    change, and user update requests that include passwords.
    
    SecurityImpact
    Change-Id: I3dabb94ab047e86b8730e73416c1a1c333688489
    Closes-Bug: #1004114
    Closes-Bug: #1327019


** Changed in: python-keystoneclient
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1004114

Title:
  Password logging

Status in OpenStack Dashboard (Horizon):
  Fix Released
Status in OpenStack Identity (Keystone):
  Fix Released
Status in Python client library for Keystone:
  Fix Committed

Bug description:
  When the log level is set to DEBUG, keystoneclient's full-request
  logging mechanism kicks in, exposing plaintext passwords, etc.

  This bug is mostly out of the scope of Horizon, however Horizon can
  also be more secure in this regard. We should make sure that wherever
  we *are* handling sensitive data we use Django's error report
  filtering mechanisms so they don't appear in tracebacks, etc.
  (https://docs.djangoproject.com/en/dev/howto/error-reporting
  /#filtering-error-reports)

  Keystone may also want to look at respecting such annotations in their
  logging mechanism, i.e. if Django were properly annotating these data
  objects, keystoneclient could check for those annotations and properly
  sanitize the log output.

  If not this exact mechanism, then something similar would be wise.

  For the time being, it's also worth documenting in both projects that
  a log level of DEBUG will log passwords in plain text.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1004114/+subscriptions

More information about the Openstack-security mailing list