Debug data isn't sanitized
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
keystoneauth |
Triaged
|
Low
|
Unassigned |
Bug Description
From https:/
the debug output is displaying unsanitized user data and could result in people unintentionally sharing secrets, it should be passed through strutils.
In this case the password "a12345" is been logged in debug mode,
$ ironic --debug node-create -d pxe_ipmitool -i ipmi_password=
<snip/>
DEBUG (session:337) REQ: curl -g -i -X POST http://
INFO (connectionpool
<snip/>
+------
| Property | Value |
+------
| chassis_uuid | |
| driver | pxe_ipmitool |
| driver_info | {u'ipmi_password': u'******'} |
| extra | {} |
| name | None |
| network_interface | |
| properties | {} |
| resource_class | |
| uuid | 7c45c974-
+------
Changed in keystoneauth: | |
assignee: | nobody → Dinesh Bhor (dinesh-bhor) |
description: | updated |
possible fix attached