Bug #41320
closed
Feature #47765: mgr/dashboard: security improvements
mgr/dashboard: passwords and other sensitive information is written to logs
Added by Ernesto Puerta over 4 years ago.
Updated about 3 years ago.
Description
Currently dashboard is storing in plain text logs the following sentitive information:
- Dashboard user names, passwords and roles. -> handled in #37503
log_channel(audit) log [DBG] : from='client.4126 -' entity='client.admin' cmd=[{"username": "admin", "rolename": "administrator", "prefix": "dashboard ac-user-create", "password": "admin"}]
- RGW API keys:
cmd=[{"prefix": "dashboard set-rgw-api-access-key", "target": ["mgr", ""], "value": "<real_key>"}]
cmd=[{"prefix": "dashboard set-rgw-api-secret-key", "target": ["mgr", ""], "value": "<real_key>"}]:
- JWT tokens:
"JWT Token: <real_token>"
This information should be redacted from the logs. While access to logs could be limited to privileged users, this is considered insecure (even with hashed passwords).
- Assignee set to Kefu Chai
- Assignee deleted (
Kefu Chai)
- Related to Bug #37503: Audit log: mgr module passwords set on CLI written as plaintext in log files added
- Description updated (diff)
- Pull request ID set to 30445
- Status changed from New to Resolved
- Status changed from Resolved to Pending Backport
- Backport set to nautilus
Setting this to "pending backport", as this should be fixed for Nautilus, too.
- Copied to Backport #41980: nautilus: mgr/dashboard: passwords and other sensitive information is written to logs added
- Assignee set to Kefu Chai
- Status changed from Pending Backport to Resolved
While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".
- Parent task set to #47765
- Project changed from mgr to Dashboard
- Category changed from 132 to General
Also available in: Atom
PDF