  1. Core Server
  2. SERVER-47108

Support automatic redaction of Status and DBException by the logging system

    • Type: Improvement
    • Resolution: Won't Fix
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Logging
    • Labels: None
    • Server Security
    • Security 2020-04-20, Security 2020-05-04, Security 2020-05-18, Security 2020-06-01, Security 2020-06-29

      We are supposed to redact Status or DBException prior to logging it, if it is possible that this entry may contain some sensitive information (e.g., unencrypted user data). This is a bit error-prone, because it requires engineers to remember to add redact.

      It would be nice if the new V2 logging system automatically did this. With a disclaimer that I only thought about this for 15 seconds, here is what I am imagining:

      Somehow change the traits of CustomAttributeValue to check whether it is of type Status or DBException and instead of calling T::toString to actually call redact(T::toString()). My reasoning was that if this framework knows that there's a method toString it must also know that there is a specific type.

            Assignee: backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter: kaloian.manassiev@mongodb.com Kaloian Manassiev
            Votes: 0
            Watchers: 6

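The trait-based dispatch proposed in the description, as an added example that is not MongoDB's logging code: `Status`, `DBException`, `redact` and `formatAttribute` are simplified stand-ins, and `DerivedException`, `HostAndPort`, `NeedsRedaction`, the `redactionEnabled` switch and the `###` placeholder are assumptions made for illustration. It goes slightly beyond the proposal by also covering classes derived from the sensitive types, which an exact-type check would miss.

```cpp
#include <iostream>
#include <string>
#include <type_traits>
#include <utility>

// Hypothetical stand-ins for the server's types; not MongoDB's own classes.
struct Status {
    int code;
    std::string reason;  // may quote user data, e.g. a rejected document
    std::string toString() const { return "code " + std::to_string(code) + ": " + reason; }
};
struct DBException {
    Status status;
    explicit DBException(Status s) : status(std::move(s)) {}
    std::string toString() const { return "DBException: " + status.toString(); }
};
struct DerivedException : DBException {  // subclasses must be covered too
    using DBException::DBException;
};
struct HostAndPort {  // carries no user data, so it is logged verbatim
    std::string host;
    int port;
    std::string toString() const { return host + ":" + std::to_string(port); }
};
// Assumed stand-ins for a server-wide redaction switch and the redact() helper.
static bool redactionEnabled = true;
std::string redact(const std::string& s) { return redactionEnabled ? "###" : s; }

// Trait: true for Status, DBException and anything derived from them.
template <typename T>
struct NeedsRedaction
    : std::integral_constant<bool, std::is_base_of<Status, T>::value ||
                                       std::is_base_of<DBException, T>::value> {};

// Tag dispatch: the overload is selected at compile time from the trait.
template <typename T>
std::string formatImpl(const T& v, std::true_type) { return redact(v.toString()); }
template <typename T>
std::string formatImpl(const T& v, std::false_type) { return v.toString(); }
// The single entry point a logging framework would call for each attribute.
template <typename T>
std::string formatAttribute(const T& v) {
    return formatImpl(v, typename NeedsRedaction<T>::type());
}

int main() {
    DerivedException ex(Status{11000, "dup key: { ssn: \"123-45-6789\" }"});  // constructed sample
    std::cout << formatAttribute(ex) << "\n" << formatAttribute(HostAndPort{"db1", 27017}) << "\n";
}
```

Because the decision lives in the formatter, a call site that forgets `redact` still produces redacted output for these types.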