[Openstack-security] [Bug 1320098] Re: neutronclient debug logging includes keystone auth token

OpenStack Infra 1320098 at bugs.launchpad.net
Fri Jun 6 02:39:55 UTC 2014 

** Changed in: python-neutronclient
     Assignee: Feng Ju (jufeng) => Xu Han Peng (xuhanp)

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1320098

Title:
  neutronclient debug logging includes keystone auth token

Status in Python client library for Neutron:
  In Progress

Bug description:
  neutronclient is logging the auth token in the nova logs. Since the
  logs are world-readable, this means anyone user on this system can see
  the auth token, which they can then use to get OpenStack administrator
  access.

To manage notifications about this bug go to:
https://bugs.launchpad.net/python-neutronclient/+bug/1320098/+subscriptions

More information about the Openstack-security mailing list