
Mask rendered data (in logs) #48291

Merged (9 commits), Jun 25, 2018

Conversation

isbm
Contributor

@isbm isbm commented Jun 25, 2018

What does this PR do?

  • Fixes a security issue
  • Adds a utility to further fix such cases

What issues does this PR fix or reference?

When you call salt-ssh -l debug, you will get the entire roster with the passwords directly in the log. This PR fixes this by matching key: value strings in the output data and replaces YAML values with the ** hidden ** string. This can be applied for passwords, user IDs, actual IP addresses etc.

NOTE: this is so far limited only to key: value where value is replaced. Feel free to extend it for IP addresses etc.

Tests written?

Yes
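To make the masking approach described in the PR concrete, here is an added worked example. It is not the PR's code and not Salt's utility; the function, the mask list, the sample roster and its credentials are all constructed for this example. It goes beyond the PR's single-line `key: value` case in two ways that the NOTE above leaves open: the glob mask is matched against the YAML key alone rather than the whole line, and the continuation lines of a masked key (a `|` block scalar holding a private key, or a nested mapping) are dropped, because a one-line replacement would otherwise leave the rest of the secret in the log. The non-ASCII key is included to show that, on Python 3, the `UnicodeDecodeError` concern raised in review does not arise.

```python
import fnmatch

HIDDEN = '** hidden **'

# Assumed glob masks for this example; the page does not show Salt's defaults.
# Masks are matched against the YAML key only, not the whole "key: value" line.
DEFAULT_MASKS = ('passwd', 'password', 'priv', '*_key', '*secret*', 'contraseña')


def _indent(line):
    """Number of leading spaces on ``line``."""
    return len(line) - len(line.lstrip(' '))


def _block_end(lines, start, indent):
    """Index of the first line at or after ``start`` that does not belong
    to the YAML node whose key is indented by ``indent`` spaces.  Deeper
    lines (block-scalar text, nested mappings) and blank lines between
    them are part of the node."""
    j = start
    while j < len(lines):
        if lines[j].strip():
            if _indent(lines[j]) <= indent:
                break
            j += 1
            continue
        # Blank line: part of the node only if a deeper line follows it.
        k = j
        while k < len(lines) and not lines[k].strip():
            k += 1
        if k < len(lines) and _indent(lines[k]) > indent:
            j = k
        else:
            break
    return j


def mask_values(data, masks=DEFAULT_MASKS):
    """Return ``data`` (YAML-style text such as a rendered roster) with the
    value of every ``key: value`` line whose key matches one of ``masks``
    replaced by HIDDEN.  Continuation lines of a masked key (a ``|`` block
    scalar or a nested mapping) are dropped, since they carry the value."""
    lines = data.split('\n')
    out = []
    i = 0
    while i < len(lines):
        line = lines[i]
        body = line.lstrip(' -')          # drop indent and a YAML list marker
        prefix = line[:len(line) - len(body)]
        key = body.split(':', 1)[0].strip() if ':' in body else None
        if key and any(fnmatch.fnmatchcase(key, m) for m in masks):
            out.append('{}{}: {}'.format(prefix, key, HIDDEN))
            i = _block_end(lines, i + 1, _indent(line))
            continue
        out.append(line)
        i += 1
    return '\n'.join(out)


# Constructed sample roster (not real hosts or credentials).
SAMPLE_ROSTER = """web1:
  host: 192.168.1.10
  user: root
  passwd: s3cret
  priv: /root/.ssh/id_rsa
db1:
  host: 10.0.0.5
  ssh_key: |
    -----BEGIN OPENSSH PRIVATE KEY-----
    AAAAB3NzaC1yc2EAAAADAQABAAABAQC7

    -----END OPENSSH PRIVATE KEY-----
  contraseña: hünter2
  sudo: true
"""

# What the roster should look like once it is safe to write to a debug log.
EXPECTED = """web1:
  host: 192.168.1.10
  user: root
  passwd: ** hidden **
  priv: ** hidden **
db1:
  host: 10.0.0.5
  ssh_key: ** hidden **
  contraseña: ** hidden **
  sudo: true
"""

if __name__ == '__main__':
    print(mask_values(SAMPLE_ROSTER))
```

The check a practitioner wants after running this is not that the masked text looks right but that no secret string from the input survives in the output; the test below asserts exactly that, in addition to comparing against the expected rendering.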

@rallytime rallytime requested a review from a team June 25, 2018 13:34
    for line in data.split(os.linesep):
        if fnmatch.fnmatch(line.strip(), mask) and ':' in line:
            key, value = line.split(':', 1)
            out.append('{}: {}'.format(key.strip(), '** hidden **'))
Contributor

Just as a precaution, key.strip() should probably be salt.utils.stringutils.to_unicode(key.strip()), to prevent a UnicodeDecodeError if key happens to be a str type with non-ascii unicode in it.


Note, this is working only when data is a single string,
ready for print or dump to the log. Also, when the data is formatted
as "key: value" in YAML syntax.
Contributor

Can we reword the above two paragraphs like this?

    This can be used for cases where keys in your roster file may contain
    sensitive data such as IP addresses, passwords, user names, etc.

    Note that this works only when ``data`` is a single string (i.e. when the
    data in the roster is formatted as ``key: value`` pairs in YAML syntax).

@isbm
Contributor Author

isbm commented Jun 25, 2018

@terminalmage done!

@rallytime rallytime merged commit b44f0f1 into saltstack:develop Jun 25, 2018