yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1287938] [NEW] Keystoneclient logs auth tokens

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Joel Friedly <joelfriedly@xxxxxxxxx>
Date: Tue, 04 Mar 2014 21:55:39 -0000
Reply-to: Bug 1287938 <1287938@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

``keystoneclient/middleware/auth_token.py`` contains a bunch of places
where auth tokens are logged out.  This could be useful for debugging,
but log files are the kinds of things that users often forget to secure.
We should make them not contain sensitive data.

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1287938

Title:
  Keystoneclient logs auth tokens

Status in OpenStack Identity (Keystone):
  New

Bug description:
  ``keystoneclient/middleware/auth_token.py`` contains a bunch of places
  where auth tokens are logged out.  This could be useful for debugging,
  but log files are the kinds of things that users often forget to
  secure.  We should make them not contain sensitive data.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1287938/+subscriptions

Follow ups

[Bug 1287938] Re: Keystoneclient logs auth tokens
From: Dolph Mathews, 2014-06-23
[Bug 1287938] [NEW] Keystoneclient logs auth tokens
From: Joel Friedly, 2014-03-04

References

[Bug 1287938] [NEW] Keystoneclient logs auth tokens
From: Joel Friedly, 2014-03-04