Public bug reported:
[ Impact ]
When doing SRU for sos 4.7.2 we encountered obfuscation issues, although
not a regression at the time, it was still an issue that had been
present for a while
So, these passwords would be fully visible to the end support personnel
and therefore leaked passwords.
[ Test Plan ]
1. Deploy a sunbeam simple cloud, and run the sos report, check to see if
passwords are obfuscated in configuration file
2. Deploy heat, and ensure auth_encryption_key is obfuscated in configuration
file
3. Deploy placement, and ensure that both NOVA_API_PASS and PLACEMENT_PASS are
obfuscated in configuration file
4. Deploy mysql and ensure password field is obfuscated in configuration file
[ Where problems could occur ]
The corresponding files are not obfuscated, and we need to update the
patches
** Affects: sosreport (Ubuntu)
Importance: Undecided
Status: New
** Affects: sosreport (Ubuntu Focal)
Importance: Undecided
Assignee: Arif Ali (arif-ali)
Status: In Progress
** Affects: sosreport (Ubuntu Jammy)
Importance: Undecided
Assignee: Arif Ali (arif-ali)
Status: In Progress
** Affects: sosreport (Ubuntu Noble)
Importance: Undecided
Assignee: Arif Ali (arif-ali)
Status: In Progress
** Affects: sosreport (Ubuntu Oracular)
Importance: Undecided
Assignee: Arif Ali (arif-ali)
Status: In Progress
** Also affects: sosreport (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: sosreport (Ubuntu Oracular)
Importance: Undecided
Status: New
** Also affects: sosreport (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: sosreport (Ubuntu Noble)
Importance: Undecided
Status: New
** Changed in: sosreport (Ubuntu Focal)
Assignee: (unassigned) => Arif Ali (arif-ali)
** Changed in: sosreport (Ubuntu Jammy)
Assignee: (unassigned) => Arif Ali (arif-ali)
** Changed in: sosreport (Ubuntu Noble)
Assignee: (unassigned) => Arif Ali (arif-ali)
** Changed in: sosreport (Ubuntu Oracular)
Assignee: (unassigned) => Arif Ali (arif-ali)
** Changed in: sosreport (Ubuntu Focal)
Status: New => In Progress
** Changed in: sosreport (Ubuntu Jammy)
Status: New => In Progress
** Changed in: sosreport (Ubuntu Noble)
Status: New => In Progress
** Changed in: sosreport (Ubuntu Oracular)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2085607
Title:
Obfuscation issues in sosreport sos 4.7.2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sosreport/+bug/2085607/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
