Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: redact password in database URI when logging #2032

Merged
merged 1 commit into from
May 21, 2024
Merged

fix: redact password in database URI when logging #2032

merged 1 commit into from
May 21, 2024

Conversation

jeremycline
Copy link
Sponsor Contributor

Hi,

I think this is a bit of a niche fix since I imagine not tons of people self-host and perhaps it's something those who are running servers do want, so I won't be the least bit bothered if this isn't merged.

Previously, in the event that there was a configuration issue and the atuin server failed to connect to PostgreSQL, it would log the database URI including the password.

For example, if the password authentication failed the following log message would be printed:

Error: failed to connect to db: PostgresSettings { db_uri: "postgres://atuin:definitelymypassword@db.example.com/atuin" }

This change sets the password to "****" when printing it via Debug:

Error: failed to connect to db: PostgresSettings { db_uri: "postgres://atuin:****@db.example.com/atuin" }

Hopefully few people use **** as the actual password.

Checks

  • I am happy for maintainers to push small adjustments to this PR, to speed up the review cycle
  • I have checked that there are no existing pull requests for the same thing

@jeremycline
fix: redact password in database URI when logging
299396f 
Previously, in the event that there was a configuration issue and the
atuin server failed to connect to PostgreSQL, it would log the password.

For example, if the password authentication failed the following log
message would be printed:

Error: failed to connect to db: PostgresSettings { db_uri:
    "postgres://atuin:definitelymypassword@db.example.com/atuin" }

This change sets the password to "****" when printing it via Debug:

Error: failed to connect to db: PostgresSettings { db_uri:
    "postgres://atuin:****@db.example.com/atuin" }

Hopefully few people use **** as the actual password.
@tessus
Copy link
Contributor

tessus commented May 20, 2024
edited

LGTM.

I have also often seen that the length of the password is kept (just the characters are replaced by *), but the current solution is more secure as it doesn't allow to infer the password length. 👍

Some people also deem the username, hostname, and db name as privileged information, but unless you work for one of the 3 or 4 letter gov orgs, there is no need to entertain that. ;-)

Edit: Can you maybe add the following to your comment above: fixes #2020

ellie
ellie approved these changes May 21, 2024
View reviewed changes
Copy link
Member

@ellie ellie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thank you! 🥳

Seeing as this is your first time contributing, if you would like a holographic contributors-only Atuin sticker, then please fill out this form!

We do also have a Discord if you'd like to ask any questions, or just fancy hanging out!

@ellie ellie merged commit 3293084 into atuinsh:main May 21, 2024
14 checks passed
@ellie ellie mentioned this pull request May 21, 2024
Closed
@jeremycline jeremycline deleted the redact-password branch May 21, 2024 04:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ellie ellie ellie approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jeremycline @tessus @ellie