  1. Geode
  2. GEODE-3452

gfsh does not redact passwords from history until the session is closed


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: gfsh, logging, security
    • Labels:
      None

      Description

      The `ArgumentRedactor` does not act on `gfsh` history until it is written to file when the `gfsh` session is closed. As a result, non-redacted passwords may be exposed in the `history` command as well as the Ctrl-R reverse-i-search until the session is closed.

      Because the redactor's behavior is simple, you can reproduce this with a simple `echo` command.

      gfsh> echo "example case --exposed-option=123 --password=456"
      example case --exposed-option 123 --password=456
      
      gfsh> history
      [...]
      491  490: echo "example case --exposed-option=123 --password=456"
      492  491: history
      
      gfsh> exit
      Exiting...
      
      [Restart gfsh]
      
      gfsh> history
      480  479: echo "example case --exposed-option=123 --password=*****
      481  480: history
      482  481: exit
      483  482: history
      

      Update: Upon a quick investigation, it appears that this and GEODE-4318 both can be addressed by creating / overriding and redacting in `GfshHistory`'s implementation of `jline.console.history.History::add`. Closing this ticket as a duplicate of 4318.
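The redact-on-add approach named in the update, as an added sketch that is not part of the original ticket and is not Geode's code. `InMemoryHistory`, `RedactingHistory` and the `redact` pattern are hypothetical stand-ins for jline's history, `GfshHistory` and `ArgumentRedactor`, so the example compiles without either library.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

public class RedactOnAddDemo {
  // Simplified stand-in for Geode's ArgumentRedactor (assumption: the real
  // rules are broader). Masks the value of any --*password*=value option.
  // [^\s=]* keeps the option name from swallowing an '=' inside the secret.
  static final Pattern SECRET =
      Pattern.compile("(?i)(--[^\\s=]*password[^\\s=]*=)\\S+");

  static String redact(String line) {
    return SECRET.matcher(line).replaceAll("$1*****");
  }

  // Hypothetical stand-in for jline's in-memory history, the structure that
  // backs both the `history` command and Ctrl-R search in a live session.
  static class InMemoryHistory {
    protected final List<String> entries = new ArrayList<>();
    public void add(CharSequence item) { entries.add(item.toString()); }
    public List<String> entries() { return entries; }
  }

  // Redact at insertion time, so the cleartext never enters the history
  // and there is nothing left to scrub when the file is written at exit.
  static class RedactingHistory extends InMemoryHistory {
    @Override
    public void add(CharSequence item) {
      super.add(redact(item.toString()));
    }
  }

  public static void main(String[] args) {
    // Constructed input, taken from the reproduction steps in the ticket.
    String cmd = "echo \"example case --exposed-option=123 --password=456\"";

    InMemoryHistory before = new InMemoryHistory();
    before.add(cmd);
    InMemoryHistory after = new RedactingHistory();
    after.add(cmd);

    System.out.println("unredacted: " + before.entries().get(0));
    System.out.println("redacted:   " + after.entries().get(0));
    if (after.entries().get(0).contains("456")) {
      throw new AssertionError("secret leaked into in-memory history");
    }
  }
}
```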

              People

              • Assignee:
                Unassigned
                Reporter:
                prhomberg Patrick Rhomberg