Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-16792

Passwords displayed in Docker logs

    XMLWordPrintable

    Details

    • Type: Problem report
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: 4.4.0
    • Fix Version/s: None
    • Component/s: Packages (C)
    • Labels:
    • Environment:
      Docker centos-4.4-latest images

      Description

      The docker containers output passwords in to the logs. This poses a security risk if the logs are forwarded to a SEIM or other central logging system. My suggestion is that the passwords are masked with asterix's.

      Current example:

      ********************
      * DB_SERVER_HOST: mysql-db
      * DB_SERVER_PORT: 3306
      * DB_SERVER_DBNAME: zabbix
      * DB_SERVER_ROOT_USER: root
      * DB_SERVER_ROOT_PASS: mydbrootpassword
      * DB_SERVER_ZBX_USER: zabbix
      * DB_SERVER_ZBX_PASS: mydbzabbixpassword
      ********************
      

      Suggested example:

      ********************
      * DB_SERVER_HOST: mysql-db
      * DB_SERVER_PORT: 3306
      * DB_SERVER_DBNAME: zabbix
      * DB_SERVER_ROOT_USER: root
      * DB_SERVER_ROOT_PASS: ****************
      * DB_SERVER_ZBX_USER: zabbix
      * DB_SERVER_ZBX_PASS: ******************
      ********************
      

        Attachments

          Activity

            People

            Assignee:
            dotneft Alexey Pustovalov
            Reporter:
            maddog2050 Adam Stirk
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: