You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Elasticsearch authentication credentials can leak into rally.log when using the --kill-running-processes CLI argument and there is a running process to kill. Rally should not leak basic authentication credentials or API keys to rally.log.
logging.getLogger(__name__).info("Killing lingering process with PID [%s] and command line [%s].", p.pid, p.cmdline())
Example log
2024-06-27 09:54:12,866 -not-actor-/PID:1698183 esrally.utils.process INFO Killing lingering process with PID [1696855] and command line [['/home/user/.conda/envs/rally/bin/python', '/home/user/.conda/envs/rally/bin/esrally', 'race', '--track-path=.', '--pipeline=benchmark-only', '--target-hosts=https://10.13.31.10:9200', "--client-options=basic_auth_user:'elastic',basic_auth_password:'TheLeakedPassword',use_ssl:true,verify_certs:false,timeout:60", '--kill-running-processes']].
The text was updated successfully, but these errors were encountered:
Elasticsearch authentication credentials can leak into rally.log when using the
--kill-running-processes
CLI argument and there is a running process to kill. Rally should not leak basic authentication credentials or API keys to rally.log.Problem code line
rally/esrally/utils/process.py
Line 184 in 18e4a2c
Example log
The text was updated successfully, but these errors were encountered: