Refactor #20116
Redact sensitive information from audit logs
Status: New
Priority: Normal
Assignee: -
Category: -
Target version: -
Description
Changes to information such as passwords, secret keys, etc. should be audited without saving the sensitive value itself.
Currently we have workarounds in place in several places in Foreman core. This should be fixed in the audited gem; opened https://github.com/collectiveidea/audited/pull/339 for that. Once that is merged, we should leverage the gem solution to replace all workarounds we use.
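The requirement in the description, recording that a sensitive attribute changed without storing its value, sketched in plain Ruby. This is an added example, not code from Foreman or the audited gem; the function, constant names and sample data are hypothetical.

```ruby
# Added illustration in plain Ruby; names are hypothetical, not Foreman's or
# the audited gem's API.
REDACTION_PLACEHOLDER = '[redacted]'.freeze

# changes:   attribute => [old, new] for an update, or attribute => value for a
#            create, the two shapes an audit record of model changes can take.
# sensitive: attribute names whose values must never reach the audit store.
def redact_audit_changes(changes, sensitive)
  sensitive_names = sensitive.map(&:to_s)
  changes.each_with_object({}) do |(attribute, value), redacted|
    redacted[attribute.to_s] =
      if sensitive_names.include?(attribute.to_s)
        # Keep the key so the audit still shows that the attribute changed,
        # and keep the shape so a viewer can tell an update from a create.
        value.is_a?(Array) ? value.map { REDACTION_PLACEHOLDER } : REDACTION_PLACEHOLDER
      else
        value
      end
  end
end

# True if any of the given secret strings survives in the serialized record.
def leaked?(record, secrets)
  serialized = record.inspect
  secrets.any? { |secret| serialized.include?(secret) }
end

# Constructed sample input (not taken from a real audit trail).
SAMPLE_UPDATE = {
  'name'     => ['image-a', 'image-b'],
  'password' => ['old-secret', 'new-secret']
}.freeze
SAMPLE_CREATE = { name: 'compute-1', secret_key: 'constructed-key' }.freeze

if __FILE__ == $PROGRAM_NAME
  p redact_audit_changes(SAMPLE_UPDATE, %i[password secret_key])
  p redact_audit_changes(SAMPLE_CREATE, %i[password secret_key])
end
```

Redaction has to happen before the change set is serialized into the audit row; masking only in the view layer leaves the secret in the database.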
Related issues
History
#1
Updated by Tomer Brisker about 5 years ago
- Related to Bug #19169: CVE-2017-2672 - audit trail leaks sensitive data for Image events added
#2
Updated by Tomer Brisker about 5 years ago
- Related to Bug #16850: Password change activity does not show in Audit log added
#3
Updated by Tomer Brisker over 4 years ago
- Related to Refactor #21920: Refactor password auditing added