Bug #41320
Closed
Feature #47765: mgr/dashboard: security improvements
Description
Currently the dashboard is storing the following sensitive information in plain-text logs:
- Dashboard user names, passwords and roles. -> handled in #37503
log_channel(audit) log [DBG] : from='client.4126 -' entity='client.admin' cmd=[{"username": "admin", "rolename": "administrator", "prefix": "dashboard ac-user-create", "password": "admin"}]
- RGW API keys:
cmd=[{"prefix": "dashboard set-rgw-api-access-key", "target": ["mgr", ""], "value": "<real_key>"}]
cmd=[{"prefix": "dashboard set-rgw-api-secret-key", "target": ["mgr", ""], "value": "<real_key>"}]
- JWT tokens:
"JWT Token: <real_token>"
This information should be redacted from the logs. While access to logs could be limited to privileged users, this is considered insecure (even with hashed passwords).
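As an added illustration (this is not code from the Ceph dashboard, the linked PR, or the reporter), the following Python shows one way to scrub the three classes of secrets quoted in the report from audit/debug log lines before they are written: the "password" argument of user-management commands, the "value" argument of the RGW API key commands, and JWT tokens. The set of secret argument names, the prefix pattern used to decide when "value" is a secret, and the sample log lines are all constructed assumptions of this example; the JWT pattern relies on the fact that a JWT header and payload are base64url-encoded JSON objects and therefore start with "eyJ".

```python
import json
import re

REDACTED = "<redacted>"

# Argument names whose value is a secret wherever they appear.
# Illustrative list (assumption of this example, not a dashboard definition).
SECRET_KEYS = {"password", "secret_key", "access_key"}

# Commands whose generic "value" argument carries a secret, matched on the
# command prefix. The pattern is an assumption derived from the two
# set-rgw-api-*-key commands quoted in the report.
SECRET_VALUE_PREFIX = re.compile(r"(?:secret|access)[-_]?key|password", re.IGNORECASE)

# A JWT is header.payload.signature; header and payload are base64url JSON
# objects, so both start with "eyJ" (base64url of '{"').
JWT_RE = re.compile(r"\beyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\.[A-Za-z0-9_-]+\b")

# The audit log embeds the command as a JSON array after "cmd=".
CMD_RE = re.compile(r"cmd=(\[.*\])")


def redact_cmd(cmd: dict) -> dict:
    """Return a copy of one mgr/mon command dict with secret arguments masked."""
    out = {}
    prefix = str(cmd.get("prefix", ""))
    for key, val in cmd.items():
        if key in SECRET_KEYS:
            out[key] = REDACTED
        elif key == "value" and SECRET_VALUE_PREFIX.search(prefix):
            out[key] = REDACTED
        else:
            out[key] = val
    return out


def redact_line(line: str) -> str:
    """Redact secrets in a single log line.

    Caveat: a cmd= payload that is not valid JSON is left untouched, so a
    caller that relies on this filter must still treat such lines as
    potentially sensitive.
    """
    m = CMD_RE.search(line)
    if m:
        try:
            cmds = json.loads(m.group(1))
        except json.JSONDecodeError:
            cmds = None
        if isinstance(cmds, list):
            cleaned = json.dumps([redact_cmd(c) if isinstance(c, dict) else c for c in cmds])
            line = line[:m.start(1)] + cleaned + line[m.end(1):]
    # Bare "JWT Token: <token>" wording as quoted in the report.
    line = re.sub(r"(JWT Token:\s*)\S+", r"\1" + REDACTED, line)
    # Any other JWT-shaped token anywhere in the line.
    line = JWT_RE.sub(REDACTED, line)
    return line


# Constructed sample lines modelled on the report; the key, token and
# "set-rgw-api-host" command are placeholders, not captured data.
SAMPLE_LOG = [
    "log_channel(audit) log [DBG] : from='client.4126 -' entity='client.admin' "
    'cmd=[{"username": "admin", "rolename": "administrator", '
    '"prefix": "dashboard ac-user-create", "password": "admin"}]',
    'cmd=[{"prefix": "dashboard set-rgw-api-secret-key", "target": ["mgr", ""], "value": "s3cr3t"}]',
    "JWT Token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.abc123",
    'cmd=[{"prefix": "dashboard set-rgw-api-host", "target": ["mgr", ""], "value": "rgw.example"}]',
]


def redact_lines(lines):
    """Redact a sequence of log lines, returning the scrubbed list."""
    return [redact_line(line) for line in lines]


if __name__ == "__main__":
    for scrubbed in redact_lines(SAMPLE_LOG):
        print(scrubbed)
```

The last sample line shows why redaction is keyed on the command prefix rather than on every "value" argument: a host name is not a secret, and blanket masking would make the audit log useless. A filter like this is a defence in depth only; the durable fix is for the command handlers themselves never to hand the secret to the logger, since the filter cannot recover a line whose JSON it fails to parse.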
Updated by Sebastian Wagner over 4 years ago
- Related to Bug #37503: Audit log: mgr module passwords set on CLI written as plaintext in log files added
Updated by Sebastian Wagner over 4 years ago
- Description updated (diff)
- Pull request ID set to 30445
Let's handle the audit log in #37503. This way we can make https://github.com/ceph/ceph/pull/30445 a real PR for this issue here.
Updated by Lenz Grimmer over 4 years ago
- Status changed from Resolved to Pending Backport
- Backport set to nautilus
Setting this to "pending backport", as this should be fixed for Nautilus, too.
Updated by Nathan Cutler over 4 years ago
- Copied to Backport #41980: nautilus: mgr/dashboard: passwords and other sensitive information is written to logs added
Updated by Nathan Cutler over 4 years ago
- Status changed from Pending Backport to Resolved
While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".
Updated by Ernesto Puerta about 3 years ago
- Project changed from mgr to Dashboard
- Category changed from 132 to General