Closed Bug 1381511 Opened 3 years ago Closed 3 years ago

Autophone - do not consider treeherder client id to be sensitive data

Categories

(Testing :: Autophone, enhancement)

enhancement
Not set

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: bc, Assigned: bc)

References

Details

Attachments

(1 file)

https://github.com/mozilla/autophone/blob/master/options.py#L48 defines the data items which are considered sensitive. These are used to exclude messages which contain sensitive data from being logged and made public in https://github.com/mozilla/autophone/blob/master/sensitivedatafilter.py#L19

This is a problem due to the simple means by which we test for inclusion of the sensitive data. We use a simple  |data in message| test which results in false positives if the data is a generic enough string.

Unless we change the user names etc to be completely unique, I intend to just remove the items which aren't that sensitive and only keep the passwords.
It's really the treeherder client id that is the problem.
Summary: Autophone - do not consider user account names to be sensitive data → Autophone - do not consider treeherder client id to be sensitive data
Attachment #8887085 - Flags: review?(jmaher)
Comment on attachment 8887085 [details] [diff] [review]
bug-1381511-v1.patch

Review of attachment 8887085 [details] [diff] [review]:
-----------------------------------------------------------------

face palm
Attachment #8887085 - Flags: review?(jmaher) → review+
https://github.com/mozilla/autophone/commit/95fcfe077e50442527b5592c13e7a517ecc968d3
deployed 2017-07-17 08:36
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Duplicate of this bug: 1277921
Duplicate of this bug: 1337784
Duplicate of this bug: 1347839
Duplicate of this bug: 1304063
Duplicate of this bug: 1365457
Duplicate of this bug: 1375621
You need to log in before you can comment on or make changes to this bug.