Bug #1385
Please don't write clear text passwords to the logfile.
Status: | Closed | Start date: | 07/19/2012 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Javi Fontan | % Done: | 0% | |
Category: | Drivers - Auth | |||
Target version: | Release 3.8 | |||
Resolution: | fixed | Pull request: | ||
Affected Versions: | OpenNebula 3.6 |
Description
When using ldap authentification the users password ist logged to oned.log. This can cause insecurities.
Please check the attached patch and include it if it is ok.
best wishes,
Matthias
Associated revisions
bug #1385: ldap driver now returns the user dn as password
bug #1385: ldap password is not shown on error log
History
#1 Updated by Matthias Schmitz almost 9 years ago
#2 Updated by Javi Fontan almost 9 years ago
You are totally right about this. Thanks for the patch. Meanwhile you can set
DEBUG_LEVEL = 0
in oned.conf.
#3 Updated by Ruben S. Montero almost 9 years ago
- Status changed from New to Closed
- Target version set to Release 3.8
- Resolution set to duplicate
In fact, we already had an issue for this one. I am closing this an making it duplicate, and will leave a reference in the original issue to link the patch.
#4 Updated by Javi Fontan almost 9 years ago
- Status changed from Closed to Assigned
- Assignee set to Javi Fontan
- Resolution deleted (
duplicate)
Is not a duplicate of the other ticket (#1349). This one is about password in log files. The other ones is about password in the ONE database.
#5 Updated by Javi Fontan almost 9 years ago
With the changes made #1349 the password is not shown when the user is authenticated but still is shown on authentication error:
Fri Sep 14 18:03:54 2012 [AuM][I]: Command execution fail: /var/lib/one/remotes/auth/default/authenticate user02 - password02
#6 Updated by Javi Fontan almost 9 years ago
- Category set to Drivers - Auth
- Status changed from Assigned to Closed
- Resolution set to fixed
#7 Updated by lillyhow ken about 8 years ago
REMOVED
#8 Updated by lillyhow ken about 8 years ago
REMOVED
#9 Updated by lillyhow ken about 8 years ago
REMOVED