Details
-
Bug
-
Resolution: Fixed
-
Major
-
4.5.0
-
Security Level: Public
-
Untriaged
-
Unknown
Description
Passwords and auth info might appear in JSON and other places which are logged to stdout/stderr.
Those should be replace with "*********" or equivalent scrubbing of sensitive auth info.
The actual strings that users search for can also be considered sensitive information but need different handling so there's another ticket for that.
Attachments
Issue Links
For Gerrit Dashboard: MB-17469 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
59104,2 | MB-17469 - scrub of log output | master | cbgt | Status: MERGED | +2 | +1 |