Bug 1020871

Summary: [notifier] SECURITY - notifier.log contains value of MAIL_PASSWORD if not empty
Product: Red Hat Enterprise Virtualization Manager
Reporter: Jiri Belka <jbelka>
Component: ovirt-engine-notification-service
Assignee: Mooli Tayer <mtayer>
Status: CLOSED CURRENTRELEASE
QA Contact: Jiri Belka <jbelka>
Severity: urgent
Priority: unspecified
Version: 3.3.0
CC: acathrow, bazulay, danken, eedri, emesika, iheim, Rhev-m-bugs, yeylon
Target Release: 3.3.0
Hardware: Unspecified
OS: Unspecified
Whiteboard: infra
Fixed In Version: is21
Doc Type: Bug Fix
Last Closed: 2014-01-21 22:18:03 UTC
Type: Bug
oVirt Team: Infra
Bug Blocks: 1032811

Description Jiri Belka 2013-10-18 12:12:25 UTC
Description of problem:

SECURITY - notifier.log contains value of MAIL_PASSWORD if not empty! This file is world-readable!

# su -s /bin/sh nobody -c 'grep -q MAIL_PASSWORD /var/log/ovirt-engine/notifier/notifier.log && echo found_pattern'
found_pattern

-%-
# grep MAIL_PASS /etc/ovirt-engine/notifier/notifier.conf
MAIL_PASSWORD=foobar

# grep MAIL_PASS /var/log/ovirt-engine/notifier/notifier.log | tail -n1
2013-10-18 13:59:42,048 INFO  [org.ovirt.engine.core.utils.LocalConfig] Value of property "MAIL_PASSWORD" is "foobar".

Version-Release number of selected component (if applicable):
is19

How reproducible:
100%

Steps to Reproduce:
1. MAIL_ENABLE_SSL=true, MAIL_SERVER=$smtp_server, MAIL_USER=$auth-name, MAIL_PASSWORD=$auth-password defined in /etc/ovirt-engine/notifier/notifier.conf
2. restart ovirt-engine-notifier
3. see MAIL_PASSWORD in notifier.log

Actual results:
password defined in conf file is visible in plaintext in log file!

Expected results:
do not show password as it can leak

Additional info:

Comment 1 Mooli Tayer 2013-10-21 12:27:56 UTC
There is a configuration key called SENSITIVE_KEYS which is a comma-separated list of hidden configuration keys.

Patch proposed upstream adding MAIL_PASSWORD to ovirt-engine-notifier.conf.
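
As an added illustration of the masking behaviour Comment 1 describes, the following Python models a KEY=VALUE loader that honours a SENSITIVE_KEYS list before logging and includes a check for values that still leak into the log. This is example code, not oVirt's LocalConfig; the config text is a constructed sample and the log line format follows the one quoted in the description.

```python
# Constructed sample standing in for /etc/ovirt-engine/notifier/notifier.conf.
SAMPLE_CONF = """\
MAIL_ENABLE_SSL=true
MAIL_SERVER=smtp.example.invalid
MAIL_USER=notifier
MAIL_PASSWORD=foobar
SENSITIVE_KEYS=MAIL_PASSWORD
"""

MASK = "***"


def parse_conf(text):
    """Parse KEY=VALUE lines; blank lines and '#' comments are skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def sensitive_keys(props):
    """SENSITIVE_KEYS: comma-separated keys whose values must never be logged."""
    raw = props.get("SENSITIVE_KEYS", "")
    return {k.strip() for k in raw.split(",") if k.strip()}


def log_lines(props, mask=True):
    """Emit one line per property in the bug's log format.

    mask=False reproduces the leaking behaviour (value logged verbatim);
    mask=True is the fixed behaviour (sensitive values replaced by MASK).
    """
    hidden = sensitive_keys(props) if mask else set()
    return ['INFO  [LocalConfig] Value of property "%s" is "%s".'
            % (key, MASK if key in hidden else value)
            for key, value in props.items()]


def leaked_keys(props, lines):
    """Return sensitive keys whose non-empty value appears verbatim in the log.

    Note: grepping for the key name (as in the report) is not enough, since the
    fixed log still names the key; the check must look for the value itself.
    """
    hidden = sensitive_keys(props)
    text = "\n".join(lines)
    return sorted(k for k in hidden if props.get(k) and props[k] in text)
```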

Comment 3 Jiri Belka 2013-11-11 14:09:28 UTC
ok, is22.

Comment 4 Itamar Heim 2014-01-21 22:18:03 UTC
Closing - RHEV 3.3 Released

Comment 5 Itamar Heim 2014-01-21 22:24:29 UTC
Closing - RHEV 3.3 Released