Open YLChen-007 opened 3 months ago
@1561316811 , these logs are done explicitely to help operators trouble shoot their environment. Can you explain why this is a problem?
@YLChen-007 , A job without password (obfuscated) is logged. I don't understand the problem you are seeing. Can you explain?
ISSUE TYPE
COMPONENT NAME
CLOUDSTACK VERSION
SUMMARY
Sensitive information of jobVo.getResult() may log out at "s_logger.debug("New job " + workJob.getId() + ", result field: " + jobVo.getResult());"
Detail
Following the link, we know resultObject is sensitive data, which may contain passwords.
https://github.com/apache/cloudstack/blob/bd38f0647f59e09bc0755bbf48d48fb0a21295ca/framework/jobs/src/main/java/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java#L261
Then the resultObject flows to field of jon in follow code . https://github.com/apache/cloudstack/blob/bd38f0647f59e09bc0755bbf48d48fb0a21295ca/framework/jobs/src/main/java/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java#L288
So I guess the job.result may contain sensitive data, which cannot be log out. But in follow code, job.result is printed. https://github.com/apache/cloudstack/blob/bd38f0647f59e09bc0755bbf48d48fb0a21295ca/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java#L3422