fence-agents icon indicating copy to clipboard operation
fence-agents copied to clipboard

Published 20 hours ago verified publisher icon ClusterLabs

logging passwords?

Open setharnold opened this issue 4 years ago • 2 comments

https://github.com/ClusterLabs/fence-agents/blob/542fb6d95faba1eaeb7c3c980510fb7b2c3ace52/agents/eps/fence_eps.py#L41

Hello, this appears to log passwords when run with debug logging enabled. Quite often even debug logs don't include authentication credentials, so that administrators can be more confident in sharing logs with others.

Is this intentional and expected?

Thanks

setharnold avatar Sep 23 '21 01:09 setharnold

https://github.com/ClusterLabs/fence-agents/blob/542fb6d95faba1eaeb7c3c980510fb7b2c3ace52/agents/skalar/fence_skalar.py#L213 also appears to be willing to log passwords.

setharnold avatar Sep 23 '21 02:09 setharnold

In fence_eps it's only when verbose logging is enabled (and also it's base64 encoded, so not in clear text either). fence_skalar also only does it with --verbose.

oalbrigt avatar Sep 28 '21 12:09 oalbrigt