[SERVER-39406] Log redaction unnecessary obfuscates WiredTiger error messages Created: 06/Feb/19 Updated: 06/Dec/22 Resolved: 14/Feb/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | 3.6.7 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Minor - P4 |
| Reporter: | Dmitry Ryabtsev | Assignee: | Backlog - Storage Execution Team |
| Resolution: | Won't Fix | Votes: | 6 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Storage Execution
|
||||||||
| Operating System: | ALL | ||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
If log redaction is enabled, then WiredTiger errors also get redacted:
This is how a sample message like that looks if not redacted:
As you can see, this message does not have any PII information and therefore the redaction is not justified. This is a defect that makes diagnostics harder. |
| Comments |
| Comment by Geert Bosch [ 14/Feb/19 ] |
|
It is not always safe to leave WiredTiger error messages unredacted. It would be a large effort to push redaction code down to WiredTiger, as we'd have to audit every place WiredTiger can return errors. So we will close this as won't fix. |
| Comment by Dmitry Ryabtsev [ 06/Feb/19 ] |
|
There are actually a number of places where redact() is applied to a WiredTiger message. Would be nice to review all these instances. |
| Comment by Kelsey Schubert [ 06/Feb/19 ] |
|
Assigning to the Storage Engines Team to confirm that this message will always be safe to unredact. |