filenames leak into log files from rename (and other web-API operations that take filenames) #1904
Labels
No Label
0.2.0
0.3.0
0.4.0
0.5.0
0.5.1
0.6.0
0.6.1
0.7.0
0.8.0
0.9.0
1.0.0
1.1.0
1.10.0
1.10.1
1.10.2
1.10a2
1.11.0
1.12.0
1.12.1
1.13.0
1.14.0
1.15.0
1.15.1
1.2.0
1.3.0
1.4.1
1.5.0
1.6.0
1.6.1
1.7.0
1.7.1
1.7β
1.8.0
1.8.1
1.8.2
1.8.3
1.8β
1.9.0
1.9.0-s3branch
1.9.0a1
1.9.0a2
1.9.0b1
1.9.1
1.9.2
1.9.2a1
LeastAuthority.com automation
blocker
cannot reproduce
cloud-branch
code
code-dirnodes
code-encoding
code-frontend
code-frontend-cli
code-frontend-ftp-sftp
code-frontend-magic-folder
code-frontend-web
code-mutable
code-network
code-nodeadmin
code-peerselection
code-storage
contrib
critical
defect
dev-infrastructure
documentation
duplicate
enhancement
fixed
invalid
major
minor
n/a
normal
operational
packaging
somebody else's problem
supercritical
task
trivial
unknown
was already fixed
website
wontfix
worksforme
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Reference: tahoe-lafs/trac-2024-07-25#1904
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
I just saw something I didn't want to see in someone else's log file:
Dammit! Now I know who shot JFK. I didn't want to know that.
This ticket could become more important to https://LeastAuthority.com in the future, as we intend to make it very easy for our customers to opt-in to having their incident report files sent automatically to our log gatherer. I would like to see this ticket fixed ASAP so that in the future our customers will have a fixed version of Tahoe-LAFS installed...
If you like this ticket, you may also like: #562, #563, #685, and #1008.
Note that many web-API operations take filenames. Removing 'confidentiality' from keywords since this does not leak file contents, which is how that keyword is defined.
filenames leak into log files from renameto filenames leak into log files from rename (and other web-API operations that take filenames)From the duplicate #385 of a particular case ("webapi download with
?filename=
should not log filename"):