@secret annotation for objects storing passwords

5 years ago

mishak
Member | 100
Votes: +8

It would be nice to support dumping of objects with secrets.
It is not just passwords, i.e. birth numbers, government ID numbers, etc.

class Connection {

    /** @secret */
    private $username;

    /** @secret */
    private $password;

}

dump(new Connection);
Connection #66dd
    username => ******
    password => SECRET

It would enable sharing error log dumps without modifying them. Also, it is not safe to store dumps with passwords on the server.

Last edited by mishak (2014-04-18 17:44)

4 years ago

Honza Kuchař
Backer | 1650
Votes: 0

This looks like an interesting idea!

4 years ago

Filip Procházka
Moderator | 4693
Votes: 0

Interesting idea, I just don't like the part where you have to modify the code to make those properties secret. It would have to be a configuration value of tracy/dumper.

4 years ago

petr.pavel
Backer | 492
Votes: 0

I was just thinking recently about all the fun we've had with debug mode running on various production servers :-) and that Nette should mask db login credentials in dumps to protect those idiots.

I like this proposal; however, it won't cover non-Nette libraries, for example Doctrine\DBAL\Connection. Shouldn't we be more aggressive and mask all attributes named password, pwd, passwd, …, username, user_name, userName, …? I know it will never catch everything, but isn't at least something better than nothing?
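To show how the two ideas in this thread could be combined (mishak's @secret annotation and petr.pavel's masking by property name, with the name list as configuration as Filip asked), here is an added example of a small reflection-based dumper. It is not Tracy's own code; the class and property names, the placeholder text and the sample credential are constructed for the example.

```php
<?php
// Added example (not part of Tracy/Nette): mask property values that are
// marked with a @secret doc comment OR whose name is on a configurable list,
// so that a dump written to an error log never carries credentials.

final class SecretMaskingDumper
{
    /** @var string[] normalised property names masked even without @secret */
    private array $secretNames;

    public function __construct(array $secretNames = ['password', 'passwd', 'pwd', 'username', 'user_name', 'secret', 'token'])
    {
        $this->secretNames = array_map([self::class, 'normalise'], $secretNames);
    }

    /** Returns a dump of $object with secret values replaced by a placeholder. */
    public function dump(object $object): string
    {
        $ref = new ReflectionObject($object);
        $out = get_class($object) . "\n";
        foreach ($ref->getProperties() as $prop) {
            $prop->setAccessible(true); // required for private properties before PHP 8.1
            $value = $prop->isInitialized($object) ? $prop->getValue($object) : null;
            $shown = $this->isSecret($prop) ? '******' : var_export($value, true);
            $out .= sprintf("    %s => %s\n", $prop->getName(), $shown);
        }
        return $out;
    }

    private function isSecret(ReflectionProperty $prop): bool
    {
        $doc = $prop->getDocComment();
        if ($doc !== false && preg_match('/@secret\b/', $doc) === 1) {
            return true; // explicit opt-in in the code, as mishak proposed
        }
        // name-based fallback covers third-party classes that cannot be annotated
        return in_array(self::normalise($prop->getName()), $this->secretNames, true);
    }

    /** user_name, userName and USERNAME all compare as "username". */
    private static function normalise(string $name): string
    {
        return strtolower(str_replace('_', '', $name));
    }
}

class Connection
{
    /** @secret */
    private string $username = 'app';
    private string $password = 'hunter2';             // constructed sample, masked by name only
    private string $host = 'db.example.internal';     // not secret, printed as-is
}

echo (new SecretMaskingDumper())->dump(new Connection);
```

Running the script prints `username` and `password` as `******` and leaves `host` readable; the name list can be moved into application configuration so that third-party classes such as a DBAL connection are covered without editing their source.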

4 years ago

David Matějka
Moderator | 5846
Votes: +1

@petr.pavel something like this? :)

4 years ago

japlavaren
Backer | 412
Votes: +2

In my opinion it is pointless: the programmer prints dumps for himself, and on a production server it is turned off. If I need to dump @secret data, it won't work and I will have to hack around it.

4 years ago

petr.pavel
Backer | 492
Votes: 0

@matej21: “authored on 11 Jun 2009”, and yet this year I was able to read Nette Database login credentials from an error message on a production server with debug mode on. So yes, something like this, but working :-)

4 years ago

Aurielle
Member | 1283
Votes: 0

@petr.pavel that commit actually removes this functionality.