Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Mask passwords in exceptions and error messages
When a ProcessExecutionError is thrown by processutils.execute(), the exception may contain information such as password. Upstream applications that just log the message (as several appear to do) could inadvertently expose these passwords to a user with read access to the log files. It is therefore considered prudent to invoke strutils.mask_password() on the command, stdout and stderr in the exception. A test case has been added to ensure that all three are properly masked. OSSA is aware of this change request. Originally-Submitted-In: I173dfb865e84eb7dee54a22c76db1e4f125a0a8a Change-Id: Ie122db5f19802f519b96ed024ab3f2b5eede3eee Closes-Bug: #1343604
- Loading branch information
Amrith Kumar
committed
Aug 20, 2014
1 parent
37b90ed
commit c906dcc
Showing
2 changed files
with
41 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters