From b9fd10e2612f26c93d49c168a0408aba6d20e5bf Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Wed, 5 Dec 2018 21:55:34 +0000 Subject: [PATCH] Prevent sensitive target data from being logged A previous commit made some changes to allow for more robust logging of RBAC enforcement data: I4642c57990b145c0e691140970574412682e66a5 This also included logging of the target data, which is provided by the service calling policy enforcement. This commit makes it so that target data is protected from exposing sensitive information. A good example is doing operations on users in keystone since keystone would populate the target dictionary with user information, and possibly passwords. This issue was found in keystone unit testing while trying to consume oslo.policy 1.43.0. Change-Id: I2702df8f3d7c040312eb863f7772b129e0e2c45c --- oslo_policy/policy.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/oslo_policy/policy.py b/oslo_policy/policy.py index 740f91c2..dd53ba7f 100644 --- a/oslo_policy/policy.py +++ b/oslo_policy/policy.py @@ -878,7 +878,9 @@ class Enforcer(object): else: raise TypeError('unexpected type %(creds_type)s' % {'creds_type': type(creds)}) - creds_dict = strutils.mask_dict_password(creds_dict) + creds_dict = strutils.mask_dict_password( + copy.deepcopy(creds_dict) + ) creds_msg = jsonutils.dumps(creds_dict, skipkeys=True, sort_keys=True) except Exception as e: @@ -886,7 +888,10 @@ class Enforcer(object): {'exp': e}) try: - target_msg = jsonutils.dumps(target, + target_dict = strutils.mask_dict_password( + copy.deepcopy(target) + ) + target_msg = jsonutils.dumps(target_dict, skipkeys=True, sort_keys=True) except Exception as e: target_msg = ('cannot format data, exception: %(exp)s' %