Joystream / joystream

Joystream Monorepo
http://www.joystream.org
GNU General Public License v3.0

Sanitize logs of passwords #4635

Open yasiryagi opened 1 year ago

yasiryagi commented 1 year ago

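Issue: Role Key passwords are visible in the logs.
Software: Storage server (colossus)
Version: 3.0.1

Example log below. The password appears in the `meta.process.argv` array of the uncaught-exception entry: it was passed to the server on the command line as `--password=...`, and the full argument list is recorded with the exception. The same argument list includes `--logFilePath` and `--elasticSearchEndpoint`, so the entry is presumably written to the log directory and forwarded to the remote Elasticsearch endpoint as well. Redacting the `--password` value before the process metadata is logged would keep the secret out of both.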


{"@timestamp":"2023-02-10T18:48:24.134Z","log.level":"error","message":"GET /api/v1/files/521: Error 404: ENOENT: no such file or directory, open '/data/521'","ecs":{"version":"1.6.0"},"meta":{"error":{"errno":-2,"syscall":"open","code":"ENOENT","path":"/data/521"},"level":"error","message":"uncaughtException: ENOENT: no such file or directory, open '/data/521'\nError: ENOENT: no such file or directory, open '/data/521'\n    at Object.openSync (fs.js:498:3)\n    at Function.module.exports.sync (/joystream/node_modules/with-open-file/index.js:19:17)\n    at Function.module.exports.sync (/joystream/node_modules/read-chunk/index.js:30:33)\n    at getFileInfo (/joystream/storage-node/src/services/helpers/fileInfo.ts:39:28)\n    at getFile (/joystream/storage-node/src/services/webApi/controllers/filesApi.ts:43:39)\n    at Layer.handle [as handle_request] (/joystream/node_modules/express/lib/router/layer.js:95:5)\n    at next (/joystream/node_modules/express/lib/router/route.js:144:13)\n    at Route.dispatch (/joystream/node_modules/express/lib/router/route.js:114:3)\n    at Layer.handle [as handle_request] (/joystream/node_modules/express/lib/router/layer.js:95:5)\n    at /joystream/node_modules/express/lib/router/index.js:284:15","stack":"Error: ENOENT: no such file or directory, open '/data/521'\n    at Object.openSync (fs.js:498:3)\n    at Function.module.exports.sync (/joystream/node_modules/with-open-file/index.js:19:17)\n    at Function.module.exports.sync (/joystream/node_modules/read-chunk/index.js:30:33)\n    at getFileInfo (/joystream/storage-node/src/services/helpers/fileInfo.ts:39:28)\n    at getFile (/joystream/storage-node/src/services/webApi/controllers/filesApi.ts:43:39)\n    at Layer.handle [as handle_request] (/joystream/node_modules/express/lib/router/layer.js:95:5)\n    at next (/joystream/node_modules/express/lib/router/route.js:144:13)\n    at Route.dispatch (/joystream/node_modules/express/lib/router/route.js:114:3)\n    at Layer.handle [as 
handle_request] (/joystream/node_modules/express/lib/router/layer.js:95:5)\n    at /joystream/node_modules/express/lib/router/index.js:284:15","exception":true,"date":"Fri Feb 10 2023 18:48:24 GMT+0000 (Coordinated Universal Time)","process":{"pid":29,"uid":0,"gid":0,"cwd":"/joystream/storage-node","execPath":"/usr/local/bin/node","version":"v14.21.2","argv":["/usr/local/bin/node","/joystream/node_modules/.bin/storage-node","server","--worker=0","--port=3333","--uploads=/data","--sync","--syncInterval=1","--queryNodeEndpoint=http://graphql-server:8081/graphql","--apiUrl=ws://joystream-node:9944/","--keyFile=/keystore/storage-role-key.json",

"--password=xxxxxx",

"--elasticSearchEndpoint=https://elastic.joystreamstats.live/","--logFilePath=/logs"],"memoryUsage":{"rss":275386368,"heapTotal":118562816,"heapUsed":115736848,"external":39780082,"arrayBuffers":716699}},"os":{"loadavg":[0.3,0.41,0.41],"uptime":3127318.3},"trace":[{"column":3,"file":"fs.js","function":"Object.openSync","line":498,"method":"openSync","native":false},{"column":17,"file":"/joystream/node_modules/with-open-file/index.js","function":"Function.module.exports.sync","line":19,"method":"sync","native":false},{"column":33,"file":"/joystream/node_modules/read-chunk/index.js","function":"Function.module.exports.sync","line":30,"method":"sync","native":false},{"column":28,"file":"/joystream/storage-node/src/services/helpers/fileInfo.ts","function":"getFileInfo","line":39,"method":null,"native":false},{"column":39,"file":"/joystream/storage-node/src/services/webApi/controllers/filesApi.ts","function":"getFile","line":43,"method":null,"native":false},{"column":5,"file":"/joystream/node_modules/express/lib/router/layer.js","function":"Layer.handle [as handle_request]","line":95,"method":"handle [as handle_request]","native":false},{"column":13,"file":"/joystream/node_modules/express/lib/router/route.js","function":"next","line":144,"method":null,"native":false},{"column":3,"file":"/joystream/node_modules/express/lib/router/route.js","function":"Route.dispatch","line":114,"method":"dispatch","native":false},{"column":5,"file":"/joystream/node_modules/express/lib/router/layer.js","function":"Layer.handle [as handle_request]","line":95,"method":"handle [as handle_request]","native":false},{"column":15,"file":"/joystream/node_modules/express/lib/router/index.js","function":null,"line":284,"method":null,"native":false}],"req":{"url":"/api/v1/files/521","headers":{"host":"joystream.yyagi.cloud","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 
Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9","sec-fetch-dest":"document","sec-fetch-mode":"navigate","sec-fetch-site":"none","sec-fetch-user":"?1","upgrade-insecure-requests":"1","x-forwarded-for":"202.90.152.70","x-forwarded-host":"joystream.yyagi.cloud","x-forwarded-proto":"https"},"method":"GET","httpVersion":"1.1","originalUrl":"/api/v1/files/521","query":{}}}}
bedeho commented 1 year ago

Please flesh out this issue: what software is this, what version, what are you pasting, and what is the problem? Without this, the issue cannot be triaged or labelled well.

yasiryagi commented 1 year ago

Already provided above