Secure data is being logged

permitio / opal

Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

https://opal.ac

Apache License 2.0

3.5k stars 154 forks source link

Secure data is being logged #596

Open tyndra opened 1 month ago

tyndra commented 1 month ago

Discussed in https://github.com/permitio/opal/discussions/575

^{Originally posted by **tyndra** April 25, 2024} I’ve noticed that several modules log the sensitive information: connection strings, and data sources configuration that includes auth tokens. Disabling logging for those modules via OPAL_LOG_MODULE_EXCLUDE_LIST prevents sensitive info from being printed, but hides useful diagnostic logs.