jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: Providing details with CommitFailedException and security considerations
Date Thu, 12 Sep 2013 07:00:00 GMT
hi chetan

please don't expose any information in the exception nor in
the log files that was not accessible otherwise to the user.
not even item names.

thanks
angela

On 9/12/13 6:56 AM, "Chetan Mehrotra" <chetan.mehrotra@gmail.com> wrote:

>Hi,
>
>As part of OAK-943 I had updated the ConflictValidator [1] to more
>more details around Commit Failure. However exposing such details as
>part of exception was considered risky from security aspect and it was
>decided to log a warning instead.
>
>Now in some cases the upper layer do expect a CommitFailedException
>have required logic to retry the commit in case of failure. In such
>cases these warning logs cause confusion.
>
>So not sure what is the best thing to do. Should I turn the log to
>debug level or make details part of exception message?
>
>Making it part of warn level would cause issue as such situations a
>not very repetative and users typically run system at INFO level.
>
>If I make it part of exception message is then max it would expose
>presence of some property names (not there values). And in most cases
>the exception is not exposed to end user and is logged to system logs.
>So probably we can make it part of exception message itself
>
>
>[1] 
>https://github.com/apache/jackrabbit-oak/blob/trunk/oak-core/src/main/java
>/org/apache/jackrabbit/oak/plugins/commit/ConflictValidator.java#L90
>
>Chetan Mehrotra


Mime
View raw message