Description of problem: Current implementation of logging and hiding secret values in the logs allows a race that can result in logging the actual secret value instead of the asterisks placeholder. Code like the following log.info("Data: %s", protected_secret_value) plain = unprotect_passwords(protected_secret_value) can result in the plain value occurring in the logs although a wrapped value is passed to the logger. Version-Release number of selected component (if applicable): 4.50, probably present since 4.30.1. How reproducible: There is currently no known reproducer.
File /usr/lib/python3.6/site-packages/vdsm/common/password.py with the presented by https://gerrit.ovirt.org/c/vdsm/+/118025/ change is part of the version ovirt-engine-4.5.0.5-0.7.el8ev.noarch, vdsm-4.50.0.13-1.el8ev.x86_64
We haven't noticed leaks of secrets with the fix