Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Database credential leak via server.log

See original GitHub issue

On startup, for at least the postgres connector, properties are printed in the clear to (world readable) server.log. This includes database accounts and passwords:

2017-03-21T14:24:05.973Z	INFO	main	com.facebook.presto.metadata.StaticCatalogStore	-- Loading catalog /etc/presto/catalog/harness-archive.properties --
2017-03-21T14:24:06.917Z	INFO	main	Bootstrap	PROPERTY             DEFAULT  RUNTIME                                                                                          DESCRIPTION
2017-03-21T14:24:06.918Z	INFO	main	Bootstrap	connection-password  null     *mydatabasepassword*
2017-03-21T14:24:06.918Z	INFO	main	Bootstrap	connection-url       null     jdbc:postgresql://*connectionstring*
2017-03-21T14:24:06.918Z	INFO	main	Bootstrap	connection-user      null     *mydatabaseuser*
2017-03-21T14:24:06.918Z	INFO	main	Bootstrap	allow-drop-table     false    false                                                                                            Allow connector to drop

Issue Analytics

State:
Created 7 years ago
Comments:5 (4 by maintainers)

Top GitHub Comments

1reaction

Eronarncommented, Mar 21, 2017

For instance, if we send those logs to a third party service, now those credentials are stored plaintext in that service. It’s a fairly common pattern to want people to have access to operational logs without having access to the underlying credentials. And in some deployments, the configuration and the logging may be stored differently or have different permissions on the filesystem.

0reactions

electrumcommented, Jun 13, 2017

This will be fixed in the next release. Thanks @amrutagokhale!