Project

General

Profile

Actions

Bug #13608

closed

file enforce content log file content which can have private info

Added by François ARMAND over 4 years ago. Updated 8 months ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Very Small
Priority:
0
Regression:

Description

In file enforce content, we have an info log with the file content. This can leak private info. The log must be removed.


Related issues 1 (0 open1 closed)

Related to Rudder - Bug #13175: rudder agent log files content in user facilityReleasedAlexis MoussetActions
Actions #1

Updated by Vincent MEMBRÉ over 4 years ago

first glance on the fix, a real pr arrives soon https://github.com/Normation/ncf/pull/836

Actions #2

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ
Actions #3

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/ncf/pull/837
Actions #4

Updated by Benoît PECCATTE over 4 years ago

  • Related to Bug #13175: rudder agent log files content in user facility added
Actions #5

Updated by Nicolas CHARLES over 4 years ago

  • Status changed from Pending technical review to In progress
  • Assignee changed from Benoît PECCATTE to Nicolas CHARLES

I'm taking over this issue!

Actions #6

Updated by Nicolas CHARLES over 4 years ago

Fix in 4.1 is really not trivial - it seems we need to rewrite the whole stack of loging to fix it.
Correcting in branch 4.3 in #13175

Actions #7

Updated by Vincent MEMBRÉ over 4 years ago

  • Assignee changed from Nicolas CHARLES to Benoît PECCATTE
Actions #8

Updated by Rudder Quality Assistant over 4 years ago

  • Assignee changed from Benoît PECCATTE to Vincent MEMBRÉ
Actions #9

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from In progress to Pending release

Applied in changeset ncf:commit:da2129f9bc50bb77f888993b7635c3a7362189bc.

Actions #10

Updated by Vincent MEMBRÉ over 4 years ago

Applied in changeset ncf:commit:01e928d6b7a5b29bc460a26db2c7f564f970dd51.

Actions #11

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.15, 4.3.5 and 5.0.1 which were released today.
Changelog
Changelog
Changelog
Actions #12

Updated by Vincent MEMBRÉ over 3 years ago

  • Private changed from Yes to No
  • Priority changed from 137 to 0
Actions

Also available in: Atom PDF