Sensitive data is not hidden in command line dump in log file #4731

Closed
wixbot opened this Issue Apr 3, 2015 · 3 comments

Comments

Projects
None yet
2 participants
Collaborator

wixbot commented Apr 3, 2015

There is Hidden attribute for bundle variables which hides sensitive data in log file, but not when they come from command line:

Burn v3.9.1006.0, Windows v6.1 (Build 7601: Service Pack 1), path: Bundle.exe, cmdline: '-burn.unelevated ... SUPER_SECURE_PASSWORD=ilikecandies'
Initializing hidden variable 'SUPER_SECURE_PASSWORD'

This is a successor of http://sourceforge.net/p/wix/bugs/2539/

Note that MSI log output does hide sensitive data that is coming from command line:
MSI (s) (34:68) [10:29:34:935]: Command Line: SUPER_SECURE_PASSWORD=**********

Originally opened by verba.vadim

Collaborator

wixbot commented Apr 7, 2015

AssignedTo set to shall
Release changed from v3.9 to v3.10

Collaborator

wixbot commented Apr 12, 2015

3.10 pull request: 232.

4.0 pull request: 122.

Originally posted by rseanhall

Collaborator

wixbot commented Apr 15, 2015

Originally changed by rseanhall
Resolution set to fixed
Status changed from Open to Resolved

@wixbot wixbot added bug burn labels Dec 20, 2015

rseanhall was assigned by wixbot Dec 20, 2015

wixbot added this to the v3.10 milestone Dec 20, 2015

wixbot closed this Dec 20, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment