Refactor #20116: Redact sensitive information from audit logs - Foreman

Refactor #20116

Redact sensitive information from audit logs

Added by Tomer Brisker over 2 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Description

Changes to information such as passwords, secret keys etc should be audited without saving the sensitive value itself.
Currently we have workarounds in place in several places in foreman core. This should be fixed in the audited gem, opened https://github.com/collectiveidea/audited/pull/339 for that. Once that is merged we should leverage the gem solution to replace all workarounds we use.

Related issues

History

#1 Updated by Tomer Brisker over 2 years ago

Related to Bug #19169: CVE-2017-2672 - audit trail leaks sensitive data for Image events added

#2 Updated by Tomer Brisker over 2 years ago

Related to Bug #16850: Password change activity does not show in Audit log added

#3 Updated by Tomer Brisker about 2 years ago

Related to Refactor #21920: Refactor password auditing added

Also available in: Atom PDF

Related to Foreman - Bug #19169: CVE-2017-2672 - audit trail leaks sensitive data for Image events	Closed	2017-04-04
Related to Foreman - Bug #16850: Password change activity does not show in Audit log	Closed	2016-10-10
Related to Foreman - Refactor #21920: Refactor password auditing	Closed	2017-12-10

Project

General

Profile

Issues