Bug 2033697 - Secret information may be leaked in Vdsm logs
Summary: Secret information may be leaked in Vdsm logs
Alias: None
Product: vdsm
Classification: oVirt
Component: General
Hardware: Unspecified
OS: Unspecified
Target Milestone: ovirt-4.5.0
Assignee: Milan Zamazal
QA Contact: Polina
Depends On:
Blocks: 2039251
TreeView+ depends on / blocked
Reported: 2021-12-17 16:29 UTC by Milan Zamazal
Modified: 2022-05-08 10:27 UTC (History)
4 users (show)

Fixed In Version: vdsm-
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2022-05-08 10:27:53 UTC
oVirt Team: Virt
sbonazzo: ovirt-4.5+

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHV-44385 0 None None None 2021-12-17 16:30:23 UTC
oVirt gerrit 118025 0 master MERGED common: Make sure passwords remain protected 2021-12-20 18:18:05 UTC

Description Milan Zamazal 2021-12-17 16:29:03 UTC
Description of problem:

Current implementation of logging and hiding secret values in the logs allows a race that can result in logging the actual secret value instead of the asterisks placeholder. Code like the following

  log.info("Data: %s", protected_secret_value)
  plain = unprotect_passwords(protected_secret_value)

can result in the plain value occurring in the logs although a wrapped value is passed to the logger. 

Version-Release number of selected component (if applicable):

4.50, probably present since 4.30.1.

How reproducible:

There is currently no known reproducer.

Comment 1 Polina 2022-05-04 07:55:59 UTC
File /usr/lib/python3.6/site-packages/vdsm/common/password.py with the presented by https://gerrit.ovirt.org/c/vdsm/+/118025/ change  is part of the version ovirt-engine-, vdsm-

Comment 2 Arik 2022-05-08 10:27:53 UTC
We haven't noticed leaks of secrets with the fix

Note You need to log in before you can comment on or make changes to this bug.