Question

FMEServerJobSubmitter logging password in clear text Security BUG

  • 25 January 2016
  • 3 replies

I have 2 workspaces on our FME Server with the first calling the second using FMEServerJobSubmitter.

One of the parameters that the second workspace expects is a password. This is the password to our AGOL account. The parameter is defined as password so it should be hidden.

The parameter is also defined as password in the first workspace and the first workspace would pass the parameter to the second workspace via FMEServerJobSubmitter.

However, after running, I reviewed the log of the first workspace at the step where it executes FMEServerJobSubmitter. It was logging all parameters being passed to the second workspace and had logged the password value in clear plain text. This allows all users on FME Server to see the AGOL password.

The log of the second workspace also shows the parameter values, but the password was correctly logged as *** .

Please fix this security bug!


3 replies

Userlevel 4
Badge +25

Hi @vudang

I checked and this appears to be partially fixed in FME 2016. Our developer says:

"Published parameters whose name contains the word password now have their values suppressed in the log ..." The name of the published password parameter in the child workspace must contain the word *password*; then the password will be encrypted.

So if you can rename the parameter to include the word password in its name, all should be well.

If this doesn't help, can you log a case with our support team (safe.com/support)? Please let them know the problem and suggest PR#62671 might be related.

Hope this helps

Regards

Mark
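
An added example (not from the original thread and not FME's code): a Python illustration of why suppression keyed on the parameter name containing "password" is only a partial fix, compared with masking keyed on the declared password type. The parameter names, values and log line format are constructed for illustration.

```python
from dataclasses import dataclass

MASK = "***"

@dataclass(frozen=True)
class Param:
    name: str
    value: str
    is_password: bool = False  # declared type, as set by the workspace author

def mask_by_name(params):
    """Name heuristic: hide a value only if the name contains 'password'."""
    return {p.name: MASK if "password" in p.name.lower() else p.value
            for p in params}

def mask_by_type(params):
    """Type-based: hide every parameter declared as a password, whatever its name."""
    return {p.name: MASK if p.is_password else p.value for p in params}

def format_log(masked):
    """Build a log line in a constructed format (not FME's real log format)."""
    return "Submitting job with parameters: " + " ".join(
        f"{name}={value}" for name, value in masked.items())

def leaked_secrets(log_line, params):
    """Return names of password-typed parameters whose value appears in log_line."""
    return sorted(p.name for p in params
                  if p.is_password and p.value and p.value in log_line)

# Constructed sample parameters (hypothetical names and values).
PARAMS = [
    Param("SOURCE_DATASET", "roads.gdb"),
    Param("AGOL_PASSWORD", "s3cr3t-A", is_password=True),
    Param("AGOL_PWD", "s3cr3t-B", is_password=True),  # name lacks "password"
]

if __name__ == "__main__":
    for masker in (mask_by_name, mask_by_type):
        line = format_log(masker(PARAMS))
        print(f"{masker.__name__}: {line}")
        print(f"  leaked: {leaked_secrets(line, PARAMS)}")
```

The same `leaked_secrets` check can be run over real job logs with the known secret values as a regression test after renaming parameters or upgrading.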

Badge +1

There is another issue with FMEServerJobSubmitter and the password visibility.

When you configure the FMEServerJobSubmitter parameter in the Workbench, you have to set the FME Server connection parameters. Among these parameters, there is the password that is visible in clear in the log file.

I tried to use a Private Parameter (Password Type), but it is still visible in the log file. This case is worse because a Password parameter can become visible.

Is there any possibility to hide the password in the log files?

I use FME Server 2016.1.0.1 - Build 16494 - win64

 

Thank you

Regards

Alex

Userlevel 4
Badge +13

Hi Alex,

For FME Server 2017.0 we have made it possible to use a Web Connection with the FMEServerJobSubmitter transformer. This is the same concept as Database Connections where the credentials are stored in a centralized location and won't be logged anywhere. Here is a screenshot of the 2017.0 interface:

 

In general, we recommend these centralized Web and Database Connections over embedded connection parameters.