[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change I1edc3821ed028471102cc9b95eb9f3b54c9e2778
gerrit2 at review.openstack.org
Wed Jul 30 20:12:39 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/110117
Log:
commit 605577192d7158ecf40bd9a94b7cf3acc2ce1c95
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Mon Jul 28 14:34:53 2014 -0500

Redact tokens in request headers

Tokens shouldn't be logged since a token could be gathered from a
log file and used. The client was logging the X-Auth-Token and
X-Subject-Token request headers. With this change, the X-Auth-Token
and X-Subject-Token are shown as "TOKEN_REDACTED".

Also, the "Authentication" header is also redacted.

This is for security hardening.

SecurityImpact

Closes-Bug: #1004114
Closes-Bug: #1327019
Change-Id: I1edc3821ed028471102cc9b95eb9f3b54c9e2778
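
The redaction described in the commit message, sketched as an added example; this is not code from the message or from python-keystoneclient. The header names and the "TOKEN_REDACTED" marker come from the commit message; the function names, logger name, log line layout and sample request are assumptions made for illustration.

```python
import logging

# Header names taken from the commit message; matching is case-insensitive
# because HTTP header names are case-insensitive.
SENSITIVE_HEADERS = frozenset(
    h.lower() for h in ("X-Auth-Token", "X-Subject-Token", "Authentication"))
REDACTED = "TOKEN_REDACTED"

LOG = logging.getLogger("example.http")  # hypothetical logger name


def redact_headers(headers):
    """Return a list of (name, value) pairs that is safe to log.

    Accepts a dict or an iterable of pairs (so repeated headers survive).
    The input is never modified: the real values are still needed to
    send the request.
    """
    items = headers.items() if hasattr(headers, "items") else headers
    return [(name, REDACTED if name.lower() in SENSITIVE_HEADERS else value)
            for name, value in items]


def format_request(method, url, headers):
    """Build the debug line from redacted headers only (assumed layout)."""
    parts = ["REQ: %s %s" % (method, url)]
    parts.extend('-H "%s: %s"' % pair for pair in redact_headers(headers))
    return " ".join(parts)


def log_request(method, url, headers):
    # Skip the formatting work entirely unless debug logging is on.
    if LOG.isEnabledFor(logging.DEBUG):
        LOG.debug(format_request(method, url, headers))


# Constructed sample request; the token values are made up.
SAMPLE_HEADERS = {
    "Accept": "application/json",
    "x-auth-token": "constructed-admin-token-0001",
    "X-Subject-Token": "constructed-subject-token-0002",
}

if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    log_request("GET", "http://keystone.example/v3/auth/tokens", SAMPLE_HEADERS)
```

Redacting at the point where the log line is built, rather than in the dict that is sent, keeps the request itself intact while the lower-cased comparison catches header names in any casing.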