Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Multi-tenancy: don't dump sensitive information in server logs #2380

Open
jpd236 opened this issue Dec 21, 2024 · 1 comment
Open

Multi-tenancy: don't dump sensitive information in server logs #2380

jpd236 opened this issue Dec 21, 2024 · 1 comment

Comments

@jpd236
Copy link
Contributor

jpd236 commented Dec 21, 2024

The server logs will occasionally include some hunt-specific information; I haven't done a deep audit but I'm certain that puzzle titles and tags are in there, and pretty sure solutions can be logged as well.

In a multi-tenant world, a server admin might be solving on one team while supporting the site for other teams. They may need to debug issues that require looking at server logs. If those logs contain puzzle information that they don't already know, it could spoil them.

Of course, this would also impact things like BugSnag (particularly around the breadcrumbs), which would be harder to handle here (and probably undesirable, since the breadcrumbs can be quite useful).

What should the philosophy here be?

@jimsug
Copy link

jimsug commented Dec 22, 2024

My random opinion is that a server admin should only rarely be looking at logs anyway, and it's probably more important for them to be able to debug issues than to remain unspoiled on answers, etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants