Actions
Task #8202
closed
Make sensitive fields write_only and stop filtering on them
Start date:
Due date:
% Done:
100%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
GalaxyNG
Sprint:
Sprint 91
Quarter:
Description
Make these fields write_only=True
- username
- password
- proxy_username
- proxy_password
- client_key
Filter implications¶
To not leak data we can no longer offer filtering of these fields. The FilterSet needs to be adjusted with this work to disinclude these fields.
Update the docs¶
There are scary banners that say that Pulp is unsafe to use because it returns this kind of data in the responses. The banners should still exist, but they should no longer give examples of username and password becase that is no longer in the API. It should say instead that it could read data from objects from other users (or something like that).
Related issues
Updated by daviddavis almost 4 years ago
- Tracker changed from Issue to Task
- % Done set to 0
- Severity deleted (
2. Medium) - Triaged deleted (
No)
Updated by bmbouter almost 4 years ago
- Blocks Story #8192: Add code to pulpcore that uses the db key to encrypt fields added
Updated by bmbouter almost 4 years ago
- Subject changed from Make sensitive fields write_only to Make sensitive fields write_only and stop filtering on them
- Description updated (diff)
Updated by daviddavis almost 4 years ago
Updated by bmbouter almost 4 years ago
- Description updated (diff)
notes from the original posting:
Potentially needing to be write_only¶
- username
- password
- proxy_url
- proxy_username - not yet merged, but soon https://pulp.plan.io/issues/8167
- proxy_password - not yet merged, but soon https://pulp.plan.io/issues/8167
- client_cert
- client_key
bmbouter's recommendations¶
- username - yes because this can be significant
- password - yes, definitely
- proxy_url - no, but it's debatable. Users could set username/password in this. Perhaps we could have the validation disable users from doing that. That would be good. Being able to read back the proxy_url is important for users I think.
- proxy_username - yes because this can be significant
- proxy_password - yes, definitly
- client_cert - no, certs aren't useful without the key
- client_key - yes, definitly
Updated by daviddavis almost 4 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to daviddavis
Updated by pulpbot over 3 years ago
- Status changed from ASSIGNED to POST
Added by daviddavis over 3 years ago
Updated by daviddavis over 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulpcore|b5e49a32a3fbc9856951eadd4e821e0fc7b7f133.
Updated by ipanova@redhat.com over 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Actions
.
Make sensitive Remote fields write_only
fixes #8202