[Tarantool-patches] [PATCH] box: replication shouldn't leak user password
Kirill Yukhin
kyukhin at tarantool.org
Thu Mar 5 07:49:57 MSK 2020
Hello,
On 13 дек 00:25, Maria wrote:
> It was possible to leak user password through setting 'replication'
> configuration option in first box.cfg invocation. This happened due
> to unconditional logging in load_cfg function. The patch introduces
> conditional logging.
>
> Closes #4493
> ---
> Issue:
> https://github.com/tarantool/tarantool/issues/4493
> Branch:
> https://github.com/tarantool/tarantool/tree/eljashm/gh-4493-box.cfg-log-may-leak-passwords
I've checked your patch into 1.10, 2.2, 2.3 and master.
--
Regards, Kirill Yukhin
More information about the Tarantool-patches
mailing list