From 25a64b7949ab8b03dc682fb75edcd3dbaea951e4 Mon Sep 17 00:00:00 2001 From: Ferry Boender Date: Sat, 29 Apr 2017 11:33:01 +0200 Subject: [PATCH] Censor password values in audit logging. --- doc/MANUAL.md | 2 +- src/webapp.py | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/doc/MANUAL.md b/doc/MANUAL.md index 653fb25..c31eeb5 100644 --- a/doc/MANUAL.md +++ b/doc/MANUAL.md @@ -1305,7 +1305,7 @@ There are a few security issues to take into consideration when deploying Script "Invocations" chapter. - Scriptform logs the invocation of scripts and variables to the log file for - auditing purposes. + auditing purposes. Password values are censored. - Although Scriptform is written to be secure, it not meant to be served to the public internet. **You should only use it in controlled environments diff --git a/src/webapp.py b/src/webapp.py index 6476e6d..b5a0a4f 100644 --- a/src/webapp.py +++ b/src/webapp.py @@ -9,6 +9,7 @@ import tempfile import os import base64 import hashlib +import copy from formrender import FormRender from webserver import HTTPError, RequestHandler @@ -158,6 +159,16 @@ HTML_SUBMIT_RESPONSE = u''' {footer} ''' +def censor_form_values(form_def, form_values): + """ + Remove sensitive field values from form_values dict. + """ + censored_form_values = copy.copy(form_values) + for field in form_def.fields: + if field['type'] == 'password': + censored_form_values[field['name']] = '********' + return censored_form_values + class ScriptFormWebApp(RequestHandler): """ @@ -421,7 +432,7 @@ class ScriptFormWebApp(RequestHandler): log.info("Calling script: %s", form_def.script) log.info("Current working dir: %s", cwd) log.info("User: %s", username) - log.info("Variables: %s", dict(form_values.items())) + log.info("Variables: %s", censor_form_values(form_def, form_values)) form_def = form_config.get_form_def(form_name) result = runscript.run_script(form_def, form_values, self.wfile,