Prevent logging of restricted file contents

Prevent logging of sensitive data in restricted
files when privsep operations complete.

Dell PowerFlex: password appears in plain text when
- creating a volume from an image
- attaching a volume
- detatching a volume

Closes bug #2003179

Change-Id: Ic26a355e65b3392df9fb970170c9dbb60bbf4606
This commit is contained in:
Bryan Neumann 2024-02-21 15:33:49 -05:00
parent f0c7eca61b
commit 256550a14b
2 changed files with 16 additions and 2 deletions

View File

@ -496,8 +496,8 @@ class Daemon(object):
"""
try:
reply = result.result()
LOG.debug('privsep: reply[%(msgid)s]: %(reply)s',
{'msgid': msgid, 'reply': reply})
LOG.debug('privsep: reply[%(msgid)s]: has_reply? %(reply)s',
{'msgid': msgid, 'reply': reply != None})
channel.send((msgid, reply))
except IOError:
self.communication_error = sys.exc_info()

View File

@ -0,0 +1,14 @@
---
fixes:
- |
`Bug #2003179 <https://bugs.launchpad.net/cinder/+bug/2003179>`_: Fixed
Prevent logging of restricted file contents
Prevent logging of sensitive data in restricted
files when privsep operations complete.
Dell PowerFlex: password appears in plain text when
- creating a volume from an image
- attaching a volume
- detatching a volume