censor database name, user and password in mysqldump invocation #640
Comments
|
Hello, wordmove consider secrets string the followings: secrets << options.dig(env, :database, :password)
secrets << options.dig(env, :database, :host)
secrets << options.dig(env, :vhost)
secrets << options.dig(env, :ssh, :password)
secrets << options.dig(env, :ssh, :host)
secrets << options.dig(env, :ftp, :password)
secrets << options.dig(env, :ftp, :host)
secrets << options.dig(env, :wordpress_path)where Thus only db password and host. Db name and db user are not intended as to be cencored. Talking about the password, this is what I reproduce on same wordmove version as your Each string is censored using a really basic regular expression costructed like, e.g.: having database:
host: 'myhost.com'
password: 'badpassword'the regex will be That's FYI and for my revision and memory. Problem is that I cannot imagine what's breaking the toy here. I'd really need to have a string in order to reproduce the failure. I know that the string is your DB password, but if you'd be able to change it and tell me the old failing one I could write a test in order to check what's happening. The described logger behaviour has also a bit of test coverage here wordmove/spec/logger/logger_spec.rb Line 1 in 96e2b41 |
|
The passwort contains a The output shows a backslash: You might want to add a testcase with |
|
Thank you very much for the string :) I'll do some testing ASAP trying to make it fail.
A word of context: I do not need to escape those string for the shell, but for the regex engine. Shell escaping exists and is implemented in the context of command execution. Here we're in the context of the stdout logger. I'll come back with news. |
|
Hi @castilma , I've done a bit of testing; you can read what I tested at https://github.com/welaika/wordmove/pull/642/files and see results at https://github.com/welaika/wordmove/runs/5167816431?check_suite_focus=true#step:7:6 I've tested the behaviour on top of the branch bringing the 6.0.alpha version: I'm not able to spend effort on the previous versions. But I had bet that involved code shuould have remained the same. Even if I'm wrong, I'd consider the bug fixed in the next candidate version, thus I'm not prone to consolidate the bug. We're on the path to move 6.0 from alpha to beta since we've done some internal testing and some commuity driven testing too. I don't know if it could be possible for you, but I'd ask if you could do some testing with the alpha version. Preliminary info about the upcoming version can be found at #624 and a user testing experience at #632 |
|
But doesn't the logger log the executed commandlines? And those contain the shellescaped secrets? So it should look for shellescaped secrets, too. |
|
Thank you very much |
|
This is confirmed as a bug in the form that the script puts shell-escaped strings on STDOUT than search for secrets by using unescaped strings. Stil not decied how to definitely approach the problem, but I've officialy to deal with it :) Thanks again for the useful report and for the smart analysis |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Describe the bug
The output of wordmove pull -d shows database name, user and password
Expected behavior
The
[UNCENSORED *]parts above should be[secret].movefile.yml
(Not posted since I think it's irrelevant to the problem.)
Environment (please complete the following information):
Doctor
wordmove doctorcommand returns all greenIrrelevant to this issue?: I use
mysql_optionsto set a nonstandard socket, and doctor doesn't seem to respect those options.The text was updated successfully, but these errors were encountered: