yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1317100] [NEW] User data should be redacted when logging request spec

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Phil Day <1317100@xxxxxxxxxxxxxxxxxx>
Date: Wed, 07 May 2014 13:29:21 -0000
Reply-to: Bug 1317100 <1317100@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

The filter scheduler has a Debug level log for the request spec, which
includes in the instance properties the base64 encoded user_data.

Since this may be used by the user to pass credentials into the VM this
field should be redacted in the log enrty.

User data  is an opaque data blob as far as Nova is concerned (and hence
of no practical use for debugging).

** Affects: nova
     Importance: Undecided
     Assignee: Phil Day (philip-day)
         Status: New

** Changed in: nova
     Assignee: (unassigned) => Phil Day (philip-day)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1317100

Title:
  User data should be redacted when logging request spec

Status in OpenStack Compute (Nova):
  New

Bug description:
  The filter scheduler has a Debug level log for the request spec, which
  includes in the instance properties the base64 encoded user_data.

  Since this may be used by the user to pass credentials into the VM
  this field should be redacted in the log enrty.

  User data  is an opaque data blob as far as Nova is concerned (and
  hence of no practical use for debugging).

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1317100/+subscriptions

Follow ups

[Bug 1317100] Re: User data should be redacted when logging request spec
From: Phil Day, 2014-07-09
[Bug 1317100] [NEW] User data should be redacted when logging request spec
From: Phil Day, 2014-05-07

References

[Bug 1317100] [NEW] User data should be redacted when logging request spec
From: Phil Day, 2014-05-07