Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add sensitive flag for resources that expose passwords in log #147

kramvan1 opened this issue Oct 8, 2014 · 2 comments


None yet
2 participants
Copy link

commented Oct 8, 2014

The user add and change_password providers expose password on the execute command in the log.
The rabbitmq.conf exposed the user password in the log. Mark these resources as sensitive to keep that password info out of the log.
All resources already support the sensitive flag. The execute command had a bug with it and is being fixed with chef/chef#2013


This comment has been minimized.

Copy link
Contributor Author

commented Oct 8, 2014

Pull request to fix this issue: #148


This comment has been minimized.

Copy link

commented Nov 26, 2014


@jjasghar jjasghar closed this Nov 26, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.