Closed gclawes closed 2 years ago
Krzmbrzl
commented
2 years ago I don't really see a problem with that. I mean it's not like there are other users in your Docker image that could open the log and read that information. And when not using Docker, this information is stored as plain text in the INI file, so how is that different to it appearing in the log? 👀
gclawes
commented
2 years ago Leaking sensitive data (passwords/secrets/etc) in log files is generally considered a bad security practice, regardless of how the process is running: https://cwe.mitre.org/data/definitions/532.html
Docker containers (including this one) usually log to standard out instead of log files in the container; the logs are captured by the docker runtime and are commonly shipped off the host to a logging system (many cloud providers with container runtime services do this automatically).
When mumble is run without docker, config files can be protected with file permissions and the contents can be reasonably expected not to leave the host.
Krzmbrzl
commented
2 years ago the logs are captured by the docker runtime and are commonly shipped off the host to a logging system (many cloud providers with container runtime services do this automatically).
Good point :+1:
The log statements in
set_configs()inentrypoint.shcan leak sensitive values to logs, primarily the value ofMUMBLE_CONFIG_DB_PASSWORDwhen using a database like mysql.https://github.com/mumble-voip/mumble-docker/blob/4d73da6902fea8ce1e17929ffab168f16a6820a8/entrypoint.sh#L45