This repository has been archived by the owner on Jun 26, 2020. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Mask passwords in exceptions and error messages
When a ProcessExecutionError is thrown by processutils.ssh_execute(), the exception may contain information such as password. Upstream applications that just log the message (as several appear to do) could inadvertently expose these passwords to a user with read access to the log files. It is therefore considered prudent to invoke strutils.mask_password() on the command, stdout and stderr in the exception. A test case has been added to ensure that all three are properly masked. An earlier commit (I173dfb865e84eb7dee54a22c76db1e4f125a0a8a) failed to address ssh_execute(). This change set addresses ssh_execute. Submitted to oslo.concurrency in I0db9e98cbeb2a5e6f9ae0074f24717aa91cfc238 OSSA is aware of this change request. Change-Id: Ie0caf32469126dd9feb44867adf27acb6e383958 Closes-Bug: #1377981 (cherry-picked from 6a60f84)
- Loading branch information
Amrith Kumar
authored and
Tristan Cacqueray
committed
Oct 6, 2014
1 parent
9f019e0
commit 3cf7961
Showing
2 changed files
with
65 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters