mahara-contributors team mailing list archive

Thread
Date

[Bug 1570221] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1570221@xxxxxxxxxxxxxxxxxx>
Date: Mon, 08 Aug 2016 02:33:49 -0000
Reply-to: Bug 1570221 <1570221@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://reviews.mahara.org/6811
Committed: https://git.mahara.org/mahara/mahara/commit/cadbbf5c0c771ecfe489229e68f1fa2154ff157c
Submitter: Robert Lyon (robertl@xxxxxxxxxxxxxxx)
Branch:    16.04_STABLE

commit cadbbf5c0c771ecfe489229e68f1fa2154ff157c
Author: Aaron Wells <aaronw@xxxxxxxxxxxxxxx>
Date:   Thu Apr 14 19:52:42 2016 +1200

Bug 1570221 Don't print parameter values to logs when in production mode

The best way to prevent sensitive data from being printed to the logs
is to avoid printing the value of *any* parameter. For instance, a
password parameter may have an unusual name, or it may be passed
through a general-purpose function like "strlen()".

Since parameter values are useful for debugging, we can still print
them when not in production mode (although with known password
params still scrubbed out).

Note this patch both scrubs likely password params, and hides their
scrubbed value. That's mostly because I'm lazy, but it also obscures
the password's actual length.

Change-Id: I4a1ab4c89a169c6b29a7b63384c2412cee761ab7
behatnotneeded: Can't test with behat
(cherry picked from commit 9a2972495d55c55633f1fa10522cd567933ecf6f)

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1570221

Title:
  Don't print parameter values in logs, in productionmode

Status in Mahara:
  Fix Committed
Status in Mahara 15.04 series:
  Fix Committed
Status in Mahara 15.10 series:
  Fix Committed
Status in Mahara 16.04 series:
  Fix Committed
Status in Mahara 16.10 series:
  Fix Committed

Bug description:
  Following on from Bug 1567186, even scrubbing out parameters that we
  know to be passwords, is not a fool-proof way to keep passwords and
  sensitive data out of the logs. Params might be misnamed, or sensitive
  data might be passed through general-purpose functions.

  The only surefire way to prevent secure data from being printed to the
  logs, is to avoid printing parameter values in stacktraces at all.
  However, parameter values are useful for debugging, so I think we
  should show them productionmode=false, and hide them when
  productionmode=true.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1570221/+subscriptions