Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-17576

[FTS] Scrub logs of sensitive info from queries

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • Major
    • 5.0.0
    • 4.5.0
    • fts
    • Security Level: Public

    Description

      Two parts:
      1. Any information input by a user, such as the actual string in a query, must be turned off by default and therefore not allowed to be logged.
      2. Optionally, a Couchbase Admin with full read write privileges should be able to turn on logging that includes the full text of the query for troubleshooting purposes. This information would then be protected by RBAC.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MB-17469 [FTS] cbft should never log passwords

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. MB-16039 Security Hardening

          • Major - Major loss of function.
          • Open
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              steve Steve Yen
              will.gardella Will Gardella (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty