Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Elasticsearch cluster authentication credentials can leak into rally.log #1862

Closed
inqueue opened this issue Jun 27, 2024 · 0 comments · Fixed by #1863
Closed

Elasticsearch cluster authentication credentials can leak into rally.log #1862

inqueue opened this issue Jun 27, 2024 · 0 comments · Fixed by #1863
Labels
bug Something's wrong

Comments

@inqueue
Copy link
Member

inqueue commented Jun 27, 2024

Elasticsearch authentication credentials can leak into rally.log when using the --kill-running-processes CLI argument and there is a running process to kill. Rally should not leak basic authentication credentials or API keys to rally.log.

Problem code line

Example log

2024-06-27 09:54:12,866 -not-actor-/PID:1698183 esrally.utils.process INFO Killing lingering process with PID [1696855] and command line [['/home/user/.conda/envs/rally/bin/python', '/home/user/.conda/envs/rally/bin/esrally', 'race', '--track-path=.', '--pipeline=benchmark-only', '--target-hosts=https://10.13.31.10:9200', "--client-options=basic_auth_user:'elastic',basic_auth_password:'TheLeakedPassword',use_ssl:true,verify_certs:false,timeout:60", '--kill-running-processes']].
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something's wrong
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant