Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[dev.icinga.com #10640] Respect protected_variables in nested custom variables too #2137

Closed
icinga-migration opened this issue Nov 16, 2015 · 3 comments

Comments

Projects
None yet
1 participant
@icinga-migration
Copy link
Member

commented Nov 16, 2015

This issue has been migrated from Redmine: https://dev.icinga.com/issues/10640

Created by sbancal on 2015-11-16 09:22:58 +00:00

Assignee: elippmann
Status: Resolved (closed on 2016-02-23 14:45:03 +00:00)
Target Version: 2.2.0
Last Update: 2016-02-23 14:45:03 +00:00 (in Redmine)


Hi,

Password hiding mechanism set by the protected_customvars works for 1st level variables, but not 2nd level :

Let's say a host config has this :

vars.mysql["fooo"] = {
mysql_user = "fooo123"
mysql_password = host_mysql_fooo123
mysql_database = "fooo"
}

mysql_password is directly readable on icingaweb2.

If I declare the password this way (which is not possible in our context) :

vars.mysql_password = host_mysql_fooo123

Then the password is substitued with ***** on icingaweb2.

/etc/icingaweb2/config.ini contains :
[security]
protected_customvars = "pw,pass,community"

Versions :
icinga2 2.3.11-1ppa1trusty1
icingaweb2 2.0.0-1~ppa1

Changesets

2016-01-22 17:37:27 +00:00 by aklimov 7bc489b

MonitoredObject: obfuscate custom variables recursively

refs #10640

2016-02-23 09:54:47 +00:00 by elippmann acd2ef7

monitoring: Fix PHPDoc of MonitoredObject::obfuscateCustomVars()

refs #10640

2016-02-23 14:40:27 +00:00 by elippmann bb8478a

Merge branch 'bugfix/passwords-not-hidden-by-icinga-web-2-10640'

fixes #10640
@icinga-migration

This comment has been minimized.

Copy link
Member Author

commented Jan 22, 2016

Updated by aklimov on 2016-01-22 17:39:55 +00:00

  • Status changed from New to Feedback
  • Assigned to set to elippmann
@icinga-migration

This comment has been minimized.

Copy link
Member Author

commented Feb 17, 2016

Updated by elippmann on 2016-02-17 16:55:58 +00:00

  • Subject changed from Passwords not hidden by Icinga Web 2 to Respect protected_variables in nested custom variables too
  • Target Version set to 2.2.0
@icinga-migration

This comment has been minimized.

Copy link
Member Author

commented Feb 23, 2016

Updated by elippmann on 2016-02-23 14:45:03 +00:00

  • Status changed from Feedback to Resolved
  • Done % changed from 0 to 100

Applied in changeset bb8478a.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.