Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add sensitive flag for resources that expose passwords in log #147

Closed
kramvan1 opened this issue Oct 8, 2014 · 2 comments

Comments

Projects
None yet
2 participants
@kramvan1
Copy link
Contributor

commented Oct 8, 2014

The user add and change_password providers expose password on the execute command in the log.
The rabbitmq.conf exposed the user password in the log. Mark these resources as sensitive to keep that password info out of the log.
All resources already support the sensitive flag. The execute command had a bug with it and is being fixed with chef/chef#2013

@kramvan1

This comment has been minimized.

Copy link
Contributor Author

commented Oct 8, 2014

Pull request to fix this issue: #148

@jjasghar

This comment has been minimized.

Copy link
Collaborator

commented Nov 26, 2014

Done.

@jjasghar jjasghar closed this Nov 26, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.