kafka-dev mailing list archives

From Viktor Somogyi <viktorsomo...@gmail.com>
Subject Re: CredentialCache might leak through Log
Date Thu, 31 Aug 2017 15:56:27 GMT
Hi Rodrigo,

What attacks are possible if this info is exposed?
I think printing the first one on debug is ok since that mode shouldn't be
enabled in production, while it might be very useful while debugging.
For the second one I could agree that we should print a sanitized warn
depending on the log level if the info we expose is a good surface for
attacks.

Regards,
Viktor

On Mon, Aug 21, 2017 at 10:17 PM, Rodrigo Andrade <rcaa2@cin.ufpe.br> wrote:

> Hi all,
>
> I think Kafka should avoid printing SaslServerAuthenticator.credentialCache
> information through Log. I noticed that it might happen at lines 162 and 181
> in SaslServerAuthentication. More specifically, through these lines:
>
> LOG.debug("Creating SaslServer for {} with mechanism {}", kerberosName, saslMechanism);
>
> LOG.warn("Cannot add private credential to subject; clients authentication may fail", ex);
>
> Perhaps sanitizing the information being printed would solve this issue.
>
> Best regards,
> Rodrigo Andrade
>
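
The "sanitized warn depending on the log level" idea from the reply above, as an added example that is not Kafka's code and not part of either message. It assumes a hypothetical ScramCredential class standing in for whatever object is stored as a private credential, and uses java.util.logging rather than Kafka's own logger so it runs with no dependencies. The WARN line carries only the exception type; the full throwable (whose message or stack trace might echo credential contents) goes to the debug level, and the credential object itself redacts its key material in toString() so that accidental logging of the object exposes nothing.

```java
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;

// Added example (not Kafka's code): keep credential material out of WARN output.
public class SanitizedCredentialLogging {
    private static final Logger LOG = Logger.getLogger(SanitizedCredentialLogging.class.getName());

    // Hypothetical stand-in for a private credential object; not a Kafka class.
    static final class ScramCredential {
        private final String user;
        private final byte[] storedKey;

        ScramCredential(String user, byte[] storedKey) {
            this.user = user;
            this.storedKey = storedKey.clone();
        }

        // If this object is ever stringified (e.g. by a log call), the key never appears.
        @Override
        public String toString() {
            return "ScramCredential[user=" + user
                    + ", storedKey=<redacted " + storedKey.length + " bytes>]";
        }
    }

    // WARN gets only the exception class name: it cannot contain credential data.
    static String sanitizedCause(Throwable ex) {
        return ex.getClass().getName();
    }

    // Returns true if the credential was attached, false if the add failed.
    static boolean addPrivateCredential(Subject subject, ScramCredential cred) {
        try {
            subject.getPrivateCredentials().add(cred);
            return true;
        } catch (IllegalStateException | SecurityException ex) {
            // Production-level message: type only, no exception message, no stack trace.
            LOG.log(Level.WARNING,
                    "Cannot add private credential to subject; client authentication may fail ({0})",
                    sanitizedCause(ex));
            // Debug-level message: full throwable, for a level that should be off in production.
            LOG.log(Level.FINE, "Full cause of credential add failure", ex);
            return false;
        }
    }

    public static void main(String[] args) {
        // Constructed sample credential; the key bytes are arbitrary.
        ScramCredential cred = new ScramCredential("alice", new byte[] {1, 2, 3, 4});

        Subject writable = new Subject();
        System.out.println("writable subject added: " + addPrivateCredential(writable, cred));

        // A read-only Subject rejects additions with IllegalStateException, which
        // exercises the sanitized WARN path without any real credential store.
        Subject readOnly = new Subject();
        readOnly.setReadOnly();
        System.out.println("read-only subject added: " + addPrivateCredential(readOnly, cred));
    }
}
```

Running the class logs one WARNING line naming java.lang.IllegalStateException and nothing else about the credential; raising the logger level to FINE is what reveals the full cause, which matches the split the reply proposes between debug and production logging.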
