Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Added filter to remove sensitive application attributes from logging. #102

Merged
merged 2 commits into from

4 participants

@mheath

The services, environment, and request_uri attributes may all contain passwords and should not be logged.

@MarkKropf
Owner

@mheath I've created a story and prioritized it, thank you: https://www.pivotaltracker.com/story/show/64435730

@ematpl
Owner

Hi, @mheath ,

We noticed some inconsistency between the code and the spec: in particular, the spec looks for the request_uri field to be filtered out, but the code itself filters out droplet_uri. That seems like it might be a typo in the spec, but just wanted to verify what seems like an inconsistency.

Thanks, @ematpl and @kbkelly

@mheath

You're absolutely right. I updated the PR to test for the droplet_uri field which is the correct name of the attribute that needs to be filtered.

@cf-runtime cf-runtime merged commit 480321d into cloudfoundry:master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
View
23 lib/dea/starting/instance.rb
@@ -112,6 +112,27 @@ def to_s
end
end
+ class AttributesLoggingFilter
+ FILTER = %w[services environment droplet_uri]
+
+ def initialize(attributes)
+ @attributes = attributes
+ end
+
+ def to_hash
+ attributes = @attributes.dup
+ attributes.delete_if do |key,value|
+ FILTER.include?(key)
+ end
+
+ attributes
+ end
+
+ def to_json
+ to_hash.to_json
+ end
+ end
+
def self.translate_attributes(attributes)
attributes = attributes.dup
@@ -255,7 +276,7 @@ def initialize(bootstrap, attributes)
@exit_status = -1
@exit_description = ''
- logger.user_data[:attributes] = @attributes
+ logger.user_data[:attributes] = AttributesLoggingFilter.new(@attributes)
setup_container_from_snapshot
end
View
11 spec/unit/starting/instance_spec.rb
@@ -152,6 +152,16 @@
end
end
+ describe 'logging attributes' do
+ let(:logger) do
+ instance.instance_variable_get(:@logger)
+ end
+ subject { logger.user_data[:attributes].to_hash }
+ it 'does not log sensitive attributes' do
+ should_not include('services', 'droplet_uri', 'environment')
+ end
+ end
+
describe 'resource limits' do
it 'exports the memory limit in bytes' do
instance.memory_limit_in_bytes.should == 512 * 1024 * 1024
@@ -1463,4 +1473,5 @@ def expect_crash_handler
instance.instance_container_port.should == 5678
end
end
+
end
Something went wrong with that request. Please try again.