Hi,

When using log4perl recently in one of my Web-automation scripts I asked myself the following question:
Is it possible to use the log4perl appenders, layouts etc. to mask secret values (passwords) from the log files generated by log4perl? For example, I routinely use log4perl to dump the data in web forms before POSTing them. These forms often contain sensitive user information and I wouldn't want any of my users to post a log with his password on some public bugzilla. To this day I have manually filtered out these secrets using a wrapper function used in sensitive places. I feel, however, that I need a better approach.

As a quick proof-of-concept I simply hacked my own version of the Multiline appender adding the following code:

--- /usr/lib/perl5/vendor_perl/5.8.8/Log/Log4perl/Layout/PatternLayout/Multiline.pm 2009-12-30 14:27:32.000000000 +0100 +++ lib/Log/Log4perl/Layout/PatternLayout/Masked.pm 2010-02-01 07:24:01.000000000 +0100 @@ -1,8 +1,11 @@ #!/usr/bin/perl -package Log::Log4perl::Layout::PatternLayout::Multiline; +package Log::Log4perl::Layout::PatternLayout::Masked; use base qw(Log::Log4perl::Layout::PatternLayout); +use Log::Log4perl::MDC; + + ########################################### sub render { ########################################### 
@@ -13,8 +16,15 @@ $caller_level = 0 unless defined $caller_level; my $result; + my $secret_list = Log::Log4perl::MDC->get("secrets"); for my $msg ( @messages ) { + # Mask the secret values if needed + if ( $secret_list ) { + foreach (keys %{$secret_list}) { + $msg =~ s/$_/$secret_list->{$_}/g; + } + } $result .= $self->SUPER::render( $msg, $category, $priority, $caller_level + 1 );

The "proper" solution, however, would be to make this feature independent of the layout and appender used. I have tried to use filters but unfortunately the filter function cannot change the contents of the message. I think the best approach would be to allow the filter function to change the contents of the message by passing a reference to the message hash instead of a copy. This of course will break compatibility with existing filters and they would have to be rewritten. Fortunately, there are not a lot of them in the Log4perl distribution; I don't know about any external ones.

What do you think about all of this? I'm willing to write the code & tests needed to implement this feature properly if there is interest in it.

Best regards,
Maciej Grela
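
Review bot: In the second hunk, the substitution "$msg =~ s/$_/$secret_list->{$_}/g;" interpolates each secret into the pattern as a regular expression rather than as a literal string. A password containing metacharacters such as "+", "(" or "[" will then either fail to match, so the secret is written to the log unmasked, or make the substitution die with a regex compile error inside render(). Quote the key so it is matched literally, for example "s/\Q$_\E/$secret_list->{$_}/g". Separately, "keys %{$secret_list}" returns the secrets in no defined order, so when one secret is a substring of another the output depends on hash order and a fragment of the longer secret can be left in the message; iterating over the keys longest first makes the result deterministic. The expected shape of the "secrets" MDC entry (a hash mapping each secret value to its replacement text) is only implied by this loop and should be stated in the module's documentation.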