[MDEV-10584] Obscure plain text passwords from server logs - Jira

Details

Type: New Feature
Status: Open (View Workflow)
Priority: Critical
Resolution: Unresolved
Fix Version/s: None
Component/s: None
Labels:
- logging

Sprint:
10.2.4-4, 10.2.4-1, 10.2.4-5

Description

Password used in various SQL commands are visible in plain text in various server logs. A mechanism should be put in place to obscure them from the logs.

Attachments

Issue Links

duplicates

MDEV-9042 CREATE USER passwords being written to bin log in clear text

Open

MDEV-28016 CREATE USER replicated with clear text password

Closed

is duplicated by

MDEV-35902 Obfuscate passwords from DCLs in Slow & General query log

Closed

relates to

MDEV-3892 Cleartext logging of passwords / workaround (MySQL issue 57220)

Open

MDEV-24032 Password's are getting logged in the db log when installing openstack.

Closed

mentioned in: Page Loading...

(1 mentioned in)

Activity

Ascending order - Click to sort in descending order

Nirbhay Choubey (Inactive) added a comment - 2016-11-22 02:51

http://lists.askmonty.org/pipermail/commits/2016-November/010112.html

Nirbhay Choubey (Inactive) added a comment - 2016-11-22 02:51 http://lists.askmonty.org/pipermail/commits/2016-November/010112.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-12 02:50

http://lists.askmonty.org/pipermail/commits/2017-January/010423.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-12 02:50 http://lists.askmonty.org/pipermail/commits/2017-January/010423.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-13 15:41

http://lists.askmonty.org/pipermail/commits/2017-January/010427.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-13 15:41 http://lists.askmonty.org/pipermail/commits/2017-January/010427.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-13 20:19

http://lists.askmonty.org/pipermail/commits/2017-January/010428.html

Nirbhay Choubey (Inactive) added a comment - 2017-01-13 20:19 http://lists.askmonty.org/pipermail/commits/2017-January/010428.html

Alexander Barkov added a comment - 2017-01-16 10:17

http://lists.askmonty.org/pipermail/commits/2017-January/010428.html looks very good.

Alexander Barkov added a comment - 2017-01-16 10:17 http://lists.askmonty.org/pipermail/commits/2017-January/010428.html looks very good.

Sergei Golubchik added a comment - 2024-10-06 18:24

Either we do a moderately generic query rewriting/sanitization feature or hard-code password specific rewriting directly into the parser. The latter will work, but it'll be very rigid and not extendable, thus completely unusable for anything else. It can be done much faster, though

Sergei Golubchik added a comment - 2024-10-06 18:24 Either we do a moderately generic query rewriting/sanitization feature or hard-code password specific rewriting directly into the parser. The latter will work, but it'll be very rigid and not extendable, thus completely unusable for anything else. It can be done much faster, though

Julien Fritsch added a comment - 2025-02-24 12:06

Per this announcement in the Slack triage channel: https://mariadb.slack.com/archives/C05S0ANJ8BE/p1739890335402039, we will now only use the "triage" label to indicate an ongoing customer-engineering escalation. Also, I will remove it, and if it's still needed, let me know.

Julien Fritsch added a comment - 2025-02-24 12:06 Per this announcement in the Slack triage channel: https://mariadb.slack.com/archives/C05S0ANJ8BE/p1739890335402039 , we will now only use the "triage" label to indicate an ongoing customer-engineering escalation. Also, I will remove it, and if it's still needed, let me know.

People

Assignee:: Sergei Golubchik

Reporter:: Nirbhay Choubey (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 2016-08-17 18:02

Updated:: 2025-04-11 23:34

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server