Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-16792

Passwords displayed in Docker logs

XMLWordPrintable

    • Icon: Defect (Security) Defect (Security)
    • Resolution: Fixed
    • Icon: Trivial Trivial
    • None
    • 4.4.0
    • Packages (C)
    • Docker centos-4.4-latest images

      The docker containers output passwords in to the logs. This poses a security risk if the logs are forwarded to a SEIM or other central logging system. My suggestion is that the passwords are masked with asterix's.

      Current example:

      ********************
* DB_SERVER_HOST: mysql-db
* DB_SERVER_PORT: 3306
* DB_SERVER_DBNAME: zabbix
* DB_SERVER_ROOT_USER: root
* DB_SERVER_ROOT_PASS: mydbrootpassword
* DB_SERVER_ZBX_USER: zabbix
* DB_SERVER_ZBX_PASS: mydbzabbixpassword
********************

      Suggested example:

      ********************
* DB_SERVER_HOST: mysql-db
* DB_SERVER_PORT: 3306
* DB_SERVER_DBNAME: zabbix
* DB_SERVER_ROOT_USER: root
* DB_SERVER_ROOT_PASS: ****************
* DB_SERVER_ZBX_USER: zabbix
* DB_SERVER_ZBX_PASS: ******************
********************

            dotneft Alexey Pustovalov
            maddog2050 Adam Stirk
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: