Details

    • Type: Bug
    • Status: Complete
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels: None
    • Sprint: 10

      Description

      When the client CLI is run, it generates a world-readable cli.log file that echoes all commands typed into the CLI. Unfortunately, this includes seeds, which are sensitive information. For example, if a trustee types in his seed in the CLI to perform his duties, what he types in is written to the cli.log as follows:

      2017-08-04 14:02:45,481 | INFO | cli.py (1921) | parse | CLI command entered: new key with seed secretTrusteeSeed000000000000000

      This seed data should not be written to the log. A better solution would be to mask the seed when writing to the log:

      2017-08-04 14:02:45,481 | INFO | cli.py (1921) | parse | CLI command entered: new key with seed [redacted]

      The same information is written to .sovrin-cli-history, which is also a world-readable file. Seeds should also be redacted there.
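
The redaction and file-permission handling requested above, as an added Python example that is not part of the original issue and is not the project's own code. It assumes the seed is the token following the word "seed", as in the quoted log line; the function, class and logger names are hypothetical, and os.fchmod makes it POSIX-only.

```python
import logging
import os
import re

# Assumption: the secret is the token after the keyword "seed", as in the issue's log line.
# Any word after "seed" is masked; over-redaction is preferred to leaking a seed.
SEED_RE = re.compile(r"(\bseed\s+)\S+", re.IGNORECASE)


def redact_seed(text):
    """Mask the token following 'seed' so the secret never reaches disk."""
    return SEED_RE.sub(r"\1[redacted]", str(text))


class SeedRedactingFilter(logging.Filter):
    """Rewrites the fully formatted message before the handler writes it."""

    def filter(self, record):
        record.msg = redact_seed(record.getMessage())
        record.args = None  # message is already formatted; drop the raw arguments
        return True


def open_private(path):
    """Open path for appending with mode 0600, tightening an existing file too."""
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    os.fchmod(fd, 0o600)  # os.open's mode is ignored when the file already exists
    return os.fdopen(fd, "a", encoding="utf-8")


def make_cli_logger(path, name="cli-example"):
    """Build a logger whose file is owner-only and whose records are redacted."""
    logger = logging.getLogger(name)
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(open_private(path))
    handler.setFormatter(logging.Formatter("%(asctime)s | %(levelname)s | %(message)s"))
    handler.addFilter(SeedRedactingFilter())
    logger.addHandler(handler)
    return logger


def append_history(path, command):
    """Write one command to the history file, redacted and owner-only."""
    with open_private(path) as fh:
        fh.write(redact_seed(command) + "\n")
```
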

            People

            • Assignee: Daniel Hardman (danielhardman)
            • Reporter: Alexander Shcherbakov (ashcherbakov)
            • Watchers: Alexander Shcherbakov, Dmitry Surnin, Kelly Wilson

                Time Tracking

                Original Estimate: 1 hour
                Remaining Estimate: 1 hour
                Time Spent: Not Specified