Cleartext logging of sensitive informationΒΆ
ID: rust/cleartext-logging
Kind: path-problem
Security severity: 7.5
Severity: warning
Precision: high
Tags:
- security
- external/cwe/cwe-312
- external/cwe/cwe-359
- external/cwe/cwe-532
Query suites:
- rust-code-scanning.qls
- rust-security-extended.qls
- rust-security-and-quality.qls
Click to see the query in the CodeQL repository
Sensitive user data and system information that is logged could be exposed to an attacker when it is displayed. Also, external processes often store the standard output and standard error streams of an application, which will include logged sensitive information.
RecommendationΒΆ
Do not log sensitive data. If it is necessary to log sensitive data, encrypt it before logging.
ExampleΒΆ
The following example code logs user credentials (in this case, their password) in plaintext:
let password = "P@ssw0rd";
info!("User password changed to {password}");
Instead, you should encrypt the credentials, or better still, omit them entirely:
let password = "P@ssw0rd";
info!("User password changed");
ReferencesΒΆ
M. Dowd, J. McDonald and J. Schuhm, The Art of Software Security Assessment, 1st Edition, Chapter 2 - βCommon Vulnerabilities of Encryptionβ, p. 43. Addison Wesley, 2006.
M. Howard and D. LeBlanc, Writing Secure Code, 2nd Edition, Chapter 9 - βProtecting Secret Dataβ, p. 299. Microsoft, 2002.
Common Weakness Enumeration: CWE-312.
Common Weakness Enumeration: CWE-359.
Common Weakness Enumeration: CWE-532.