
yahoo-eng-team team mailing list archive

[Bug 1348838] [NEW] Glance logs password hashes in swift URLs


Public bug reported:

Example:

2014-07-25 20:03:36.346 780 DEBUG glance.registry.api.v1.images [1c66afef-0bc9-4413-b63a-c81585c2a981 2eae458f42e64420af5e3a2cab07e03a 9bc19f6aabc944c382bf553cb8131b17 - - -] Updating image dfd7e14c-eb02-487e-8112-d1881ae031d9 with metadata: {u'status': u'active', 'locations': [u'swift+http://service%3Aimage:GyQLQqJbh3jzBfRvAs8nw8WDQ3xUtO7nw49t33R96WddHww0zJ2CSU7AtgFtf76J@proxy:8770/v2.0/glance-images/dfd7e14c-eb02-487e-8112-d1881ae031d9']} update /usr/lib/python2.7/dist-packages/glance/registry/api/v1/images.py:445

We've found that the following regex will catch all of the password
hashes:

r"(swift|swift\+http|swift\+https)://(.*?:)?.*?@"

Since it's a debug-level log message, we can avoid leaking sensitive
data by turning off debug logging, but we often find ourselves needing
the debug logs to diagnose issues.  We'd like to fix this problem at the
source by sanitizing out the password hashes.

** Affects: glance
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1348838


To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1348838/+subscriptions
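As an added example (not from the bug report or from Glance itself): the reporter's regex used as a detector, beside a tighter masking pattern and a logging filter that scrubs the credential before any handler formats the record. The sample record, the MASK pattern, the filter class and the helper names are assumptions of this example.

```python
import logging
import re

# Detector from the bug report: a swift/swift+http(s) URL carrying userinfo
# before '@'. Its non-greedy '.*?' still crosses spaces: detect with it, don't rewrite.
DETECT = re.compile(r"(swift|swift\+http|swift\+https)://(.*?:)?.*?@")

# Masking pattern (an assumption, not from the report): keeps scheme and user,
# replaces only the password, and cannot run across whitespace, quotes or a later '@'.
MASK = re.compile(r"(?P<scheme>swift(?:\+https?)?://)(?P<user>[^:/@\s']*):[^@\s']*@")

# Constructed sample record modelled on the debug line in the report; the
# credential is a placeholder, not a real key.
SAMPLE = (
    "2014-07-25 20:03:36.346 780 DEBUG glance.registry.api.v1.images "
    "Updating image dfd7e14c-eb02-487e-8112-d1881ae031d9 with metadata: "
    "{u'status': u'active', 'locations': [u'swift+http://service%3Aimage:"
    "EXAMPLE-SECRET-KEY@proxy:8770/v2.0/glance-images/"
    "dfd7e14c-eb02-487e-8112-d1881ae031d9']}"
)


def contains_credentials(text):
    # True when the report's regex flags a credential-bearing swift URL.
    return DETECT.search(text) is not None


def sanitize(text, placeholder="***"):
    # Replace the password part of every swift URL in the text.
    return MASK.sub(lambda m: m["scheme"] + m["user"] + ":" + placeholder + "@", text)


class SwiftCredentialFilter(logging.Filter):
    # Scrubs credentials before any handler formats the record, so the fix
    # holds even with debug logging enabled.
    def filter(self, record):
        record.msg = sanitize(record.getMessage())
        record.args = ()  # already interpolated above
        return True


def log_sanitized(message, *args):
    # Emit one debug record through the filter and return what the handler saw.
    captured = []
    handler = logging.Handler()
    handler.emit = lambda record: captured.append(record.getMessage())
    logger = logging.getLogger("glance.registry.api.v1.images.example")
    logger.setLevel(logging.DEBUG)
    logger.propagate = False
    logger.handlers = [handler]
    logger.filters = [SwiftCredentialFilter()]
    logger.debug(message, *args)
    return captured[0]
```

Masking at the logger keeps the credential out of every handler; turning debug off only hides it, and a filter on the registry logger alone misses other modules that format the same location strings.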

