-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
do not print potentially sensitive properties #84
Conversation
Ill have a look into this, I think it makes sense to mirror what is done upstream and there might be a handy function that does this. |
I've added a shared function. If we find an existing function, that's fine but I didn't find one. |
@mdedetrich the CVE is about logging properties. The properties are quite unlikely to be needed by people reading the logs. They can examine the configs to find them. If we really need to log properties, then maybe that can be looked at separately (there are a few ways to do this - maybe debug level logging). |
@pjfanning I am looking into this now, the main thing I want to investigate is that we redact the sensitive information in the same way that Kafka does so its not confusing |
I completely forgot about this, will try and have a look at the weekend |
@mdedetrich would you have time to review this? My view is that toString is not core functionality. It is sometimes useful for debugging but we can still err on the side of being very cautious about what toString returns. Users who need the Kafka client properties have other ways to get them. |
Ill look at it today, didn't have time this weekend. |
@pjfanning So I just had a look at this and it appears that you are masking every single field in the Am I missing something here? |
@pjfanning I managed to find a much better solution to this which defers to Kafka's own sensitive field/sanitization tooling so its always in sync with kafka, making PR now |
@mdedetrich see akka/alpakka-kafka#1592 and the issue with sasl.jaas.config property
|
Yes I know, Apache Kafka has written its own internal Config type which also gives to types for each key in the config. One of those types is |
@pjfanning So I have made a PR at #100 that properly solves the CVE. Note that my version uses the already existing inbuilt mechanism that upstream Kafka uses to filter out sensitive fields, which means its 100% correct when it comes to filtering out the correct properties and hence properly resolving the CVE
Filtering out every single value from |
#85