Ticket 50251 - clear text passwords visible in CLI verbose mode logging
author Mark Reynolds <mreynolds@redhat.com>
Thu, 16 May 2019 00:16:42 +0000 (00:16 +0000)
committer Anton Gladky <gladk@debian.org>
Mon, 24 Apr 2023 04:08:15 +0000 (05:08 +0100)
commit 0a8b13b9c6ceb77b0171fe3355b2f0ec145f8491
tree 281ce534c3e866bed21b95f051179881bfc43efa
parent ebd6471a6340ff84a3e9d2ffadede226de1b60bb
Ticket 50251 - clear text passwords visible in CLI verbose mode logging

Bug Description:  If you run any of the CLI tools using "-v", and set a password,
                  that password will be displayed in clear text in the console.

Fix Description:  Create an internal list of sensitive attributes to filter, and
                  mask them in the operation debug logging.  But still allow the
                  password to be seen if you set the env variable DEBUGGING=true

                  We also still print the root DN password if it is a container
                  installation.

https://pagure.io/389-ds-base/issue/50251

Reviewed by: spichugi, firstyear, and mhonek (Thanks!!!)

Gbp-Pq: Name CVE-2019-10224.patch
src/lib389/lib389/_constants.py
src/lib389/lib389/_entry.py
src/lib389/lib389/_mapped_object.py
src/lib389/lib389/instance/setup.py
src/lib389/lib389/tests/utils_test.py
src/lib389/lib389/utils.py
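
The masking approach outlined in the fix description, as an added example that is not the lib389 code from this commit. The attribute list, the function names and the sample values are assumptions made for illustration.

```python
import os

# Assumed list for illustration; not lib389's actual list of filtered attributes.
SENSITIVE_ATTRS = frozenset({"userpassword", "nsslapd-rootpw", "nsds5replicacredentials"})
MASK = "********"


def is_sensitive(attr):
    # LDAP attribute names are case-insensitive and may carry options
    # ("userPassword;binary"), so compare only the lowercased base name.
    return attr.split(";", 1)[0].strip().lower() in SENSITIVE_ATTRS


def debugging_enabled(environ=None):
    # Explicit opt-in, as in the fix description: DEBUGGING=true shows values.
    environ = os.environ if environ is None else environ
    return environ.get("DEBUGGING", "").lower() == "true"


def _mask(values):
    # Keep the shape (single value vs. list) but never the content or its length.
    if isinstance(values, (list, tuple)):
        return [MASK] * len(values)
    return None if values is None else MASK


def mask_entry(attrs, environ=None):
    """Return a copy of {attr: values} that is safe to write to a debug log."""
    if debugging_enabled(environ):
        return dict(attrs)
    return {a: (_mask(v) if is_sensitive(a) else v) for a, v in attrs.items()}


def mask_modlist(mods, environ=None):
    """Same for python-ldap style modify lists: [(op, attr, values), ...]."""
    if debugging_enabled(environ):
        return list(mods)
    return [(op, a, _mask(v) if is_sensitive(a) else v) for op, a, v in mods]


def log_add(log, dn, attrs, environ=None):
    # Mask before formatting so the secret never reaches any log handler.
    log.debug("add dn=%s attrs=%r", dn, mask_entry(attrs, environ))
```
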