Bug 1042361 - [RFE][python-neutronclient]: Limit logging of credentials in services using the client
Summary: [RFE][python-neutronclient]: Limit logging of credentials in services using t...
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: RHOS Maint
QA Contact:
URL: https://blueprints.launchpad.net/pyth...
Whiteboard: upstream_milestone_none upstream_stat...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-12-12 21:53 UTC by RHOS Integration
Modified: 2015-03-19 17:16 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-19 17:16:58 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description RHOS Integration 2013-12-12 21:53:06 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/python-neutronclient/+spec/limit-credentials-logging.

Description:

Currently, debug settings cause logging of the credentials in services using neutronclient. This should be limited unless explicitly requested, as credentials will be stored in log files for a long time and most likely will be still usable after many days.

Shell utilities do not need to have the redaction enabled, since debug messages are not visible by default. Even when they're enabled, they're not stored permanently and may be useful for reproducing the exact action using curl.

Further removing all tokens could be useful, but since their usage is limited in time and they're used all over different parts of the code, it's a separate, much longer task.

Specification URL (additional information):

None
Note You need to log in before you can comment on or make changes to this bug.