Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove SQL logger #454

Closed
aeneasr opened this issue Feb 20, 2021 · 2 comments
Closed

Remove SQL logger #454

aeneasr opened this issue Feb 20, 2021 · 2 comments
Assignees
Labels
blocking Blocks milestones or other issues or pulls. bug Something is not working.

Comments

@aeneasr
Copy link
Member

aeneasr commented Feb 20, 2021

Describe the bug

The SQL logger - enabled with log level trace - logs SQL statements and their values. This can lead to leakage of PII or other sensitive information to log files (see e.g. https://www.wired.com/story/facebook-passwords-plaintext-change-yours/) and should be removed.

@aeneasr aeneasr added bug Something is not working. blocking Blocks milestones or other issues or pulls. labels Feb 20, 2021
@zepatrik
Copy link
Member

Should we only log on leak_sensitive_values or remove that completely?

@aeneasr
Copy link
Member Author

aeneasr commented Feb 21, 2021

Remove completely, we have Jaeger for real tracing :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
blocking Blocks milestones or other issues or pulls. bug Something is not working.
Projects
None yet
Development

No branches or pull requests

2 participants