Bug 2033697 - Secret information may be leaked in Vdsm logs
Summary: Secret information may be leaked in Vdsm logs
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: vdsm
Classification: oVirt
Component: General
Version: 4.40.100.1
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ovirt-4.5.0
: 4.50.0.4
Assignee: Milan Zamazal
QA Contact: Polina
URL:
Whiteboard:
Depends On:
Blocks: 2039251
TreeView+ depends on / blocked
 
Reported: 2021-12-17 16:29 UTC by Milan Zamazal
Modified: 2022-05-08 10:27 UTC (History)
4 users (show)

Fixed In Version: vdsm-4.50.0.4
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-05-08 10:27:53 UTC
oVirt Team: Virt
Embargoed:
sbonazzo: ovirt-4.5+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHV-44385 0 None None None 2021-12-17 16:30:23 UTC
oVirt gerrit 118025 0 master MERGED common: Make sure passwords remain protected 2021-12-20 18:18:05 UTC

Description Milan Zamazal 2021-12-17 16:29:03 UTC 
Description of problem:

Current implementation of logging and hiding secret values in the logs allows a race that can result in logging the actual secret value instead of the asterisks placeholder. Code like the following

  log.info("Data: %s", protected_secret_value)
  plain = unprotect_passwords(protected_secret_value)

can result in the plain value occurring in the logs although a wrapped value is passed to the logger. 

Version-Release number of selected component (if applicable):

4.50, probably present since 4.30.1.

How reproducible:

There is currently no known reproducer.
Comment 1 Polina 2022-05-04 07:55:59 UTC 
File /usr/lib/python3.6/site-packages/vdsm/common/password.py with the presented by https://gerrit.ovirt.org/c/vdsm/+/118025/ change  is part of the version ovirt-engine-4.5.0.5-0.7.el8ev.noarch, vdsm-4.50.0.13-1.el8ev.x86_64
Comment 2 Arik 2022-05-08 10:27:53 UTC 
We haven't noticed leaks of secrets with the fix
Note You need to log in before you can comment on or make changes to this bug.