[Openstack-security] [Bug 1761538] Re: Cookie hash value displayed in rabbitmq logs
Divya K Konoor
dikonoor at in.ibm.com
Thu Apr 5 16:25:41 UTC 2018
But logging this Erlang Cache could have a security impact on OpenStack
--
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1761538
Title:
Cookie hash value displayed in rabbitmq logs
Status in OpenStack Identity (keystone):
New
Bug description:
ENabled rabbitmq debug and restarted the process. Found sensitive data
displayed in logs.
rabbitmq uses Erlang cookie concept where a cluster of nodes
communicates to each other. Any node that posses this secret cookie
can communicate with other nodes in the cluster.
=INFO REPORT==== 31-Mar-2018::03:28:46 ===
stopped SSL Listener on [::]:5671
=INFO REPORT==== 31-Mar-2018::03:28:46 ===
Stopped RabbitMQ application
=INFO REPORT==== 31-Mar-2018::03:28:46 ===
Halting Erlang VM
=INFO REPORT==== 31-Mar-2018::03:29:54 ===
Starting RabbitMQ 3.6.6 on Erlang 19.1.1
Copyright (C) 2007-2016 Pivotal Software, Inc.
Licensed under the MPL. See http://www.rabbitmq.com/
=INFO REPORT==== 31-Mar-2018::03:29:54 ===
node : rabbit at ip9-114-192-221
home dir : /var/lib/rabbitmq
config file(s) : /etc/rabbitmq/rabbitmq.config
cookie hash : RVLZk6qSkQ471Dqtfk14wA==
log : /var/log/rabbitmq/rabbit at ip9-114-192-221.log
sasl log : /var/log/rabbitmq/rabbit at ip9-114-192-221-sasl.log
database dir : /var/lib/rabbitmq/mnesia/rabbit at ip9-114-192-221
=INFO REPORT==== 31-Mar-2018::03:29:57 ===
Memory limit set to 3876MB of 9690MB total.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1761538/+subscriptions
More information about the Openstack-security
mailing list