rpc code logs plaintext/unsanitised request context

Bug #1171446 reported by Steven Hardy
Affects: OpenStack Heat    Status: Fix Released    Importance: High    Assigned to: Unassigned
Affects: oslo-incubator    Status: Fix Released    Importance: High    Assigned to: Davanum Srinivas (DIMS)

Bug Description

The amqp rpc code logs unpacked context without sanitising credentials, so you end up with plaintext credentials in the logfile, e.g.:

2013-04-09 11:02:21.756 3250 DEBUG heat.openstack.common.rpc.amqp [-] unpacked context: {'username': u'admin', 'service_user': u'heat', 'service_tenant': u'service', 'roles': [u'admin'], 'aws_auth_uri': None, 'tenant_id': u'1938f0707fe04b58b0053040d4a0fe06', 'auth_token': '<SANITIZED>', 'service_password': u'secrete', 'auth_url': u'http://127.0.0.1:35357/v2.0', 'is_admin': True, 'password': u'secrete', 'aws_creds': None, 'tenant': u'demo'} _safe_log /usr/lib/python2.7/site-packages/heat-2013.2.a39.g7d40bd3-py2.7.egg/heat/openstack/common/rpc/common.py:250

https://github.com/openstack/oslo-incubator/blob/master/openstack/common/rpc/amqp.py#L291

It would be good if you could select a debug loglevel without exposing this data.

Revision history for this message
Thierry Carrez (ttx) wrote :

Hmm, the _safe_log function probably needs to be augmented a bit

Changed in oslo:
importance: Undecided → High
status: New → Confirmed
Steven Hardy (shardy)
Changed in heat:
status: New → Confirmed
status: Confirmed → Triaged
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to oslo-incubator (master)

Fix proposed to branch: master
Review: https://review.openstack.org/31738

Changed in oslo:
assignee: nobody → Davanum Srinivas (DIMS) (dims-v)
status: Confirmed → In Progress
Revision history for this message
Davanum Srinivas (DIMS) (dims-v) wrote :

Steven,

Can you please try the patch in heat and see if that helps fix the problem?

-- dims

Revision history for this message
Davanum Srinivas (DIMS) (dims-v) wrote :

I've tested the latest patch in review with latest heat+devstack.

-- dims

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to oslo-incubator (master)

Reviewed: https://review.openstack.org/31738
Committed: http://github.com/openstack/oslo-incubator/commit/3006787997fbd4a545e80624cf6075e3297d6fe6
Submitter: Jenkins
Branch: master

commit 3006787997fbd4a545e80624cf6075e3297d6fe6
Author: Davanum Srinivas <email address hidden>
Date: Tue Jun 4 22:26:31 2013 -0400

    Sanitize passwords in _safe_log

    Replace the specific sanitization with a generic one that digs
    deeper into msg_data and sanitizes known password fields.

    Fixes LP# 1171446

    Change-Id: I17926cca13175507b8869b25c1d979da88ac9037
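
The approach the commit message describes (a generic sanitizer that recurses into the message data rather than masking a fixed top-level key), as an added illustration that is not the oslo-incubator or Heat code: the list of sensitive field names, the `sanitize`/`safe_log` helpers and the sample context (modelled on the log line in the bug description) are all constructed for this example.

```python
import logging

# Field names whose values must never reach a log line. This list is an
# assumption for the example, not the one used by oslo-incubator's _safe_log.
SENSITIVE_KEYS = frozenset({
    "password", "service_password", "auth_token", "admin_password",
    "aws_creds", "new_pass", "secret",
})
REDACTED = "<SANITIZED>"


def sanitize(obj):
    """Return a deep copy of obj with known credential fields redacted.

    Recurses through nested dicts, lists and tuples, so a password buried
    in a nested message body is masked, not just one at the top level.
    The input object is never modified.
    """
    if isinstance(obj, dict):
        return {
            k: (REDACTED if str(k).lower() in SENSITIVE_KEYS else sanitize(v))
            for k, v in obj.items()
        }
    if isinstance(obj, (list, tuple)):
        return type(obj)(sanitize(v) for v in obj)
    return obj


def safe_log(logger, msg, context):
    """Log msg at DEBUG with a sanitized rendering of context."""
    logger.debug(msg, sanitize(context))


# Constructed sample context; the nested admin_password is the kind of
# value a top-level-only sanitizer would have let through.
SAMPLE_CONTEXT = {
    "username": "admin", "service_user": "heat", "roles": ["admin"],
    "auth_token": "tok-abc123", "service_password": "secrete",
    "password": "secrete", "aws_creds": None,
    "args": {"properties": {"admin_password": "hunter2"}},
}


def contains_secret(text, secrets=("secrete", "tok-abc123", "hunter2")):
    """Check a rendered log line for any of the known sample secrets."""
    return any(s in text for s in secrets)


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    safe_log(logging.getLogger("rpc.amqp"), "unpacked context: %s", SAMPLE_CONTEXT)
```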

Changed in oslo:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in oslo:
milestone: none → havana-2
status: Fix Committed → Fix Released
Changed in heat:
assignee: nobody → andrew plunk (andrew-plunk)
Revision history for this message
andrew plunk (andrew-plunk) wrote :

As I understand it, this bug can be resolved when gerrit change id I17926cca13175507b8869b25c1d979da88ac9037 of the oslo-incubator project is merged into oslo proper.

Changed in heat:
assignee: andrew plunk (andrew-plunk) → nobody
Revision history for this message
Liang Chen (cbjchen) wrote :

The fix already went into Heat code base.

Thierry Carrez (ttx)
Changed in oslo:
milestone: havana-2 → 2013.2
Changed in heat:
status: Triaged → Fix Committed
Thierry Carrez (ttx)
Changed in heat:
milestone: none → icehouse-1
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in heat:
milestone: icehouse-1 → 2014.1