[Openstack-security] [openstack/nova] SecurityImpact review request change Ic5f4d4c26794550a92481bf2b725ef5eafa581b2
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Mon Nov 16 22:07:28 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/245987
Log:
commit 4a090f68a984685a0e1a22feddefffd410caf3e4
Author: Matt Riedemann <mriedem at us.ibm.com>
Date: Mon Nov 16 13:11:09 2015 -0800
xen: mask passwords in volume connection_data dict
The connection_data dict can have credentials in it, so we need to scrub
those before putting the stringified dict into the StorageError message
and raising that up and when logging the dict.
Note that strutils.mask_password converts the dict to a string using
six.text_type so we don't have to do that conversion first.
SecurityImpact
Change-Id: Ic5f4d4c26794550a92481bf2b725ef5eafa581b2
Closes-Bug: #1516765
More information about the Openstack-security
mailing list