Posted to dev@camel.apache.org by Lorrin Nelson <lh...@nerdylorrin.net> on 2010/09/01 22:21:46 UTC

FTP endpoint is logging my password / proposed patch

Hi --

I'm fairly new to Camel, but my impression is that URIs with sensitive data are common and that URIs are frequently logged. I bumped into this myself most recently with an FTP consumer. I ended up with log messages like this:

RemoteFileProducer 2010-08-31 16:21:45,459 -- INFO -- Connected and logged in to: Endpoint[sftp://myusername@my.host.name/var/my/path?fileName=myFile.txt&password=yikesMyPassword]

I propose a sane-defaults patch of modifying DefaultEndpoint.java's toString to sanitize the URI by looking for URI params containing the tokens "password" or "passphrase" and rendering their value as "*******" instead of the actual value. Obviously this isn't always the right thing to do in every situation, but it seems appropriate for many endpoints. Any for which it is not appropriate could override toString.

If folks like this idea I have a patch I'm happy to submit.

http://github.com/lorrin/camel/commit/a8719ccde91c438f95ed173be1e2405d96b8b13d

Cheers
-Lorrin
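
The masking Lorrin describes, written out as a stand-alone example (added here; it is not Lorrin's patch and not Camel code). It splits the endpoint URI at the first "?", masks the value of every query parameter whose name contains "password" or "passphrase" (case-insensitively), and additionally masks a password embedded in the userinfo part ("ftp://user:pass@host"), which the post's log line does not show but which the same toString would print verbatim. The extra token "secret" and the "xxxxxx" mask string are assumptions of this example. Requires Java 8 or later.

```java
import java.util.Locale;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Masks secret-bearing parts of an endpoint URI before it is logged.
 * Added example, not Camel's own code.
 */
public final class UriSanitizer {

    private static final String MASK = "xxxxxx";

    // "password" and "passphrase" are the tokens from the thread; "secret" is an assumption of this example.
    private static final String[] SECRET_TOKENS = {"password", "passphrase", "secret"};

    // one key=value pair of a query string, split on '&'
    private static final Pattern PARAM = Pattern.compile("([^&=]+)=([^&]*)");

    // scheme://user:pass@host  ->  group(1) = "scheme://user", group(2) = "pass"
    private static final Pattern USERINFO =
            Pattern.compile("^([a-zA-Z][a-zA-Z0-9+.-]*://[^/@:]*):([^/@]*)@");

    /** Returns a copy of the URI safe to put in a log message. */
    public static String sanitize(String uri) {
        if (uri == null) {
            return null;
        }
        int q = uri.indexOf('?');
        String head = q < 0 ? uri : uri.substring(0, q);
        String query = q < 0 ? null : uri.substring(q + 1);

        head = maskUserInfoPassword(head);
        if (query == null) {
            return head;
        }

        Matcher m = PARAM.matcher(query);
        StringBuffer sb = new StringBuffer();
        while (m.find()) {
            String key = m.group(1);
            String value = isSecret(key) ? MASK : m.group(2);
            // quoteReplacement: values may legitimately contain '$' or '\'
            m.appendReplacement(sb, Matcher.quoteReplacement(key + "=" + value));
        }
        m.appendTail(sb); // keeps any trailing value-less parameter untouched
        return head + "?" + sb;
    }

    /** Substring match, so "privateKeyPassphrase" and "Password" are caught as well as "password". */
    static boolean isSecret(String paramName) {
        String k = paramName.toLowerCase(Locale.ROOT);
        for (String t : SECRET_TOKENS) {
            if (k.contains(t)) {
                return true;
            }
        }
        return false;
    }

    static String maskUserInfoPassword(String head) {
        Matcher m = USERINFO.matcher(head);
        if (!m.find()) {
            return head;
        }
        return m.replaceFirst(Matcher.quoteReplacement(m.group(1) + ":" + MASK + "@"));
    }

    public static void main(String[] args) {
        // constructed sample URIs; the first is the one from the log line in the thread
        String[] samples = {
            "sftp://myusername@my.host.name/var/my/path?fileName=myFile.txt&password=yikesMyPassword",
            "ftp://user:p%40ss@host/dir?passiveMode=true&privateKeyPassphrase=hunter2",
            "jms:queue:orders?username=app&Password=topsecret&concurrentConsumers=4",
            "file:/tmp/in?noop=true",
        };
        for (String s : samples) {
            System.out.println(sanitize(s));
        }
    }
}
```

Wiring this into the Endpoint[...] rendering in toString is a one-line change; the substring match is deliberately greedy (a parameter named passwordFile gets masked too), which is the right failure direction for a logging default. Note that toString is only one leak path: the unsanitized URI can still reach logs through exception messages or a component's own debug output, so those call sites need the same treatment.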

Re: FTP endpoint is logging my password / proposed patch

Posted by Claus Ibsen <cl...@gmail.com>.
Hi

There is a related ticket
https://issues.apache.org/activemq/browse/CAMEL-2987

Which can help here as it allows using encrypted passwords.
Then the logging will just be that encrypted password which isn't readable.

password=#ENC#4fg48dgh58747f744#ENC#

And I wonder if there is any stuff from the regular JDK we can use as
a first shot, so end users don't need to mess with additional .jars in
the classpath.

The downside is the end user has to compute the token, which requires
to use a Java app for that.



On Wed, Sep 1, 2010 at 10:55 PM, Hadrian Zbarcea <hz...@gmail.com> wrote:
> We are happy to apply patches, thanks for the contribution. The proper way though is to create an issue in jira and attach the patch to it. Please check the "grant license to apache" when you attach the patch, otherwise we will not be able to apply it.
>
> Coincidentally I was thinking about the very same issue today and I fear it affects other components. My thought though was to annotate the secret fields with something like @Secret. How about that?
>
> Thanks,
> Hadrian
>
>
>
> On Sep 1, 2010, at 4:21 PM, Lorrin Nelson wrote:
>
>> Hi --
>>
>> I'm fairly new to Camel, but my impression is that URIs with sensitive data are common and that URIs are frequently logged. I bumped into this myself most recently with an FTP consumer. I ended up with log messages like this:
>>
>> RemoteFileProducer 2010-08-31 16:21:45,459 -- INFO -- Connected and logged in to: Endpoint[sftp://myusername@my.host.name/var/my/path?fileName=myFile.txt&password=yikesMyPassword]
>>
>> I propose a sane-defaults patch of modifying DefaultEndpoint.java's toString to sanitize the URI by looking for URI params containing the tokens "password" or "passphrase" and rendering their value as "*******" instead of the actual value. Obviously this isn't always the right thing to do in every situation, but it seems appropriate for many endpoints. Any for which it is not appropriate could override toString.
>>
>> If folks like this idea I have a patch I'm happy to submit.
>>
>> http://github.com/lorrin/camel/commit/a8719ccde91c438f95ed173be1e2405d96b8b13d
>>
>> Cheers
>> -Lorrin
>
>



-- 
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus
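
Claus asks whether the plain JDK is enough for the #ENC#...#ENC# scheme. The following is an added example (not the CAMEL-2987 code and not Camel's own API) showing what that looks like with javax.crypto only: AES-GCM with a random IV, the IV and ciphertext Base64-encoded between the two #ENC# markers, and a resolver that swaps the tokens in a URI back to plaintext at connect time. The token format beyond the #ENC# delimiters, the key source and the class names are assumptions of this example. Requires Java 8 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/**
 * Encrypted-password tokens using only JDK classes. Added example, not Camel code.
 * Token layout (assumed here): #ENC# + urlsafe-base64(iv || ciphertext || gcm-tag) + #ENC#
 */
public final class EncTokens {

    private static final String MARK = "#ENC#";
    // URL-safe Base64 so the token never contains '+', which a URI parser would turn into a space
    private static final Pattern TOKEN = Pattern.compile("#ENC#([A-Za-z0-9_-]+)#ENC#");
    private static final int IV_BYTES = 12;   // 96-bit IV, the recommended GCM size
    private static final int TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();

    private final SecretKey key;

    public EncTokens(byte[] rawAesKey) {
        this.key = new SecretKeySpec(rawAesKey, "AES");
    }

    /** Computes the token that goes into the endpoint URI in place of the clear password. */
    public String encrypt(String plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_BYTES];
        RNG.nextBytes(iv); // fresh IV per token: the same password yields different tokens
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return MARK + Base64.getUrlEncoder().withoutPadding().encodeToString(out) + MARK;
    }

    /** Reverses encrypt(); a wrong key or a tampered token fails with AEADBadTagException. */
    public String decrypt(String token) throws GeneralSecurityException {
        Matcher m = TOKEN.matcher(token);
        if (!m.matches()) {
            throw new IllegalArgumentException("not an " + MARK + " token");
        }
        byte[] in = Base64.getUrlDecoder().decode(m.group(1));
        if (in.length < IV_BYTES + TAG_BITS / 8) {
            throw new IllegalArgumentException("token too short to hold IV and tag");
        }
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, IV_BYTES));
        byte[] pt = c.doFinal(in, IV_BYTES, in.length - IV_BYTES);
        return new String(pt, StandardCharsets.UTF_8);
    }

    /** Replaces every #ENC# token in a URI with its plaintext. The result must never be logged. */
    public String resolve(String uri) throws GeneralSecurityException {
        Matcher m = TOKEN.matcher(uri);
        StringBuffer sb = new StringBuffer();
        while (m.find()) {
            m.appendReplacement(sb, Matcher.quoteReplacement(decrypt(m.group())));
        }
        m.appendTail(sb);
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // constructed demo key; in a deployment it would be loaded from outside the route configuration
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        EncTokens tokens = new EncTokens(kg.generateKey().getEncoded());

        String token = tokens.encrypt("yikesMyPassword");
        // this is the form that would appear in the Endpoint[...] log line
        String configured = "sftp://myusername@my.host.name/var/my/path?fileName=myFile.txt&password=" + token;
        System.out.println("configured/logged: " + configured);
        System.out.println("resolved at connect: " + tokens.resolve(configured));
    }
}
```

The "end user has to compute the token" step Claus mentions is just encrypt() run once from a small main. Two caveats worth keeping in mind: the token is reversible by design, so a log containing #ENC# tokens is only as safe as the key, which therefore has to live somewhere the log readers cannot reach; and the resolved URI exists in memory at connect time, so the component must log the configured form, not the resolved one.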

Re: FTP endpoint is logging my password / proposed patch

Posted by Hadrian Zbarcea <hz...@gmail.com>.
We are happy to apply patches, thanks for the contribution. The proper way though is to create an issue in jira and attach the patch to it. Please check the "grant license to apache" when you attach the patch, otherwise we will not be able to apply it.

Coincidentally I was thinking about the very same issue today and I fear it affects other components. My thought though was to annotate the secret fields with something like @Secret. How about that?

Thanks,
Hadrian



On Sep 1, 2010, at 4:21 PM, Lorrin Nelson wrote:

> Hi --
> 
> I'm fairly new to Camel, but my impression is that URIs with sensitive data are common and that URIs are frequently logged. I bumped into this myself most recently with an FTP consumer. I ended up with log messages like this:
> 
> RemoteFileProducer 2010-08-31 16:21:45,459 -- INFO -- Connected and logged in to: Endpoint[sftp://myusername@my.host.name/var/my/path?fileName=myFile.txt&password=yikesMyPassword]
> 
> I propose a sane-defaults patch of modifying DefaultEndpoint.java's toString to sanitize the URI by looking for URI params containing the tokens "password" or "passphrase" and rendering their value as "*******" instead of the actual value. Obviously this isn't always the right thing to do in every situation, but it seems appropriate for many endpoints. Any for which it is not appropriate could override toString.
> 
> If folks like this idea I have a patch I'm happy to submit.
> 
> http://github.com/lorrin/camel/commit/a8719ccde91c438f95ed173be1e2405d96b8b13d
> 
> Cheers
> -Lorrin
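
Hadrian's alternative, marking the fields themselves, as an added example (not Camel code; the @Secret annotation, the describe() helper and the SftpConfig bean are all hypothetical). A reflective toString helper walks the declared fields and prints a mask for any field carrying the annotation, so a component author declares what is secret once instead of every toString having to know parameter names. Requires Java 8 or later.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.StringJoiner;

/** Field-level secret marking for toString output. Added example, not Camel's own API. */
public final class SecretAware {

    /** Marks a field whose value must never appear in toString/log output (hypothetical annotation). */
    @Retention(RetentionPolicy.RUNTIME) // must be RUNTIME or isAnnotationPresent() cannot see it
    @Target(ElementType.FIELD)
    public @interface Secret {
    }

    private static final String MASK = "******";

    /** Reflective toString: every declared instance field, with @Secret values masked. */
    public static String describe(Object o) {
        Class<?> cls = o.getClass();
        StringJoiner sj = new StringJoiner(", ", cls.getSimpleName() + "[", "]");
        // getDeclaredFields() does not guarantee declaration order; sort if stable output matters
        for (Field f : cls.getDeclaredFields()) {
            if (Modifier.isStatic(f.getModifiers()) || f.isSynthetic()) {
                continue;
            }
            f.setAccessible(true);
            Object value;
            try {
                value = f.get(o);
            } catch (IllegalAccessException e) {
                value = "<inaccessible>";
            }
            String shown;
            if (f.isAnnotationPresent(Secret.class)) {
                // reveal only whether a secret is set, never its content or length
                shown = value == null ? "null" : MASK;
            } else {
                shown = String.valueOf(value);
            }
            sj.add(f.getName() + "=" + shown);
        }
        return sj.toString();
    }

    /** Hypothetical endpoint configuration modelled on the sftp options in the thread. */
    public static final class SftpConfig {
        String host = "my.host.name";
        String username = "myusername";
        @Secret String password = "yikesMyPassword";
        @Secret String privateKeyPassphrase; // unset: printed as null, not as the mask
        String fileName = "myFile.txt";

        @Override
        public String toString() {
            return describe(this);
        }
    }

    public static void main(String[] args) {
        System.out.println(new SftpConfig());
    }
}
```

The annotation covers fields, so it does not by itself protect a secret that has already been folded into another string, such as the full endpoint URI that the Endpoint[...] log line prints; that still needs URI-level masking. The two approaches are complementary rather than competing: annotate the configuration beans, and sanitize any URI string that is rendered from them.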