Ecto Logger Debug messages display sensitive data


Theston E. Fox

Dec 5, 2015, 3:36:26 AM
to elixir-ecto
Hi,

I'm not sure if this is intended behaviour. I've been working on a Phoenix project, and when in dev mode the logger is set to show at debug level.

In Phoenix you can specify parameter filters to hide sensitive data (such as a password field); however, the Ecto logger that displays the SQL query in debug mode has no such filter applied, and the password is visible in the debug log.

It may be intended so you can actually debug with actual data, or is this an oversight and should it be possible to hide sensitive data from the debug log in Ecto?

Thanks

José Valim

Dec 5, 2015, 4:15:08 AM
to elixi...@googlegroups.com
Well, you are not meant to run debug logs in production. :) You can, however, customize the Repo.log function to hide any data if you would like to.
José Valim
Skype: jv.ptec
Founder and Director of R&D

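The `Repo.log` customization José mentions, as an added example that is not from the thread or from Ecto itself. It assumes the Ecto 1.x/2.x `log/1` repo callback and an `%Ecto.LogEntry{}` struct with `:query`, `:params` and `:result` fields, with bound values possibly wrapped in `%Ecto.Query.Tagged{}`; `MyApp.Repo` and `:my_app` are placeholder names.

```elixir
defmodule MyApp.Repo do
  # Assumed: Ecto 1.x/2.x, where the repo module may override log/1, which
  # Ecto invokes with an %Ecto.LogEntry{} for every query it runs.
  use Ecto.Repo, otp_app: :my_app
  require Logger

  # Keep the SQL (the part that is useful for debugging) but never the bound
  # values, so a password bound as $1 shows up only as its type and size.
  def log(entry) do
    Logger.debug(fn ->
      ["QUERY ", status(entry.result), " ", sql(entry),
       " params=", inspect(redact_params(entry.params))]
    end)
  end

  # Assumed: :query is either a string or a 1-arity function that resolves
  # the string lazily when given the entry.
  defp sql(%{query: fun} = entry) when is_function(fun, 1), do: fun.(entry)
  defp sql(%{query: query}), do: query

  # Ecto may wrap typed bound values in %Ecto.Query.Tagged{}; unwrap first.
  def redact_params(params) when is_list(params) do
    Enum.map(params, fn
      %{__struct__: Ecto.Query.Tagged, value: value} -> redact(value)
      value -> redact(value)
    end)
  end

  defp redact(value) when is_binary(value), do: "<binary:#{byte_size(value)}>"
  defp redact(value) when is_integer(value), do: "<integer>"
  defp redact(value) when is_list(value), do: Enum.map(value, &redact/1)
  defp redact(_value), do: "<redacted>"

  defp status({:ok, _}), do: "OK"
  defp status({:error, _}), do: "ERROR"
  defp status(_), do: "?"
end
```

With this override a debug line for an insert of a user row reads `QUERY OK INSERT INTO "users" ... params=["<binary:12>", "<binary:60>"]` rather than the literal email and password hash.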

Theston E. Fox

Dec 5, 2015, 4:28:37 AM
to elixir-ecto, jose....@plataformatec.com.br
Yeah, that was my thought too; debug logs in production aren't a great idea! I also figured that debug logs should show you the data so you can actually debug it! :)

I just wanted to make sure it was intended behaviour.

Thanks for your response!

James Fish

Dec 5, 2015, 6:36:11 AM
to elixi...@googlegroups.com
I think we log (as error without Repo.log) all options on connection failure, which can leak the password etc.

José Valim

Dec 5, 2015, 7:41:19 AM
to elixi...@googlegroups.com
I think Postgrex prunes this data?

James Fish

Dec 5, 2015, 7:53:04 AM
to elixi...@googlegroups.com
This is done in the Ecto pool workers and depends on how the adapter behaves. From memory, this shouldn't happen when using Postgrex in a released version, though it is possible on master if using sync_connect.