Information Exposure Through Debug Log
| Field | Value |
|---|---|
| ID | go.information_exposure_through_debug_log |
| Severity | low |
| Resource | Information Leak |
| Language | Go |
| Tags | CWE:532, NIST.SP.800-53, OWASP:2021:A4 |
Rationale
Logging is an essential part of application maintenance, aiding in troubleshooting and performance monitoring. However, if not properly managed, logs can become a significant vulnerability, especially when they contain sensitive data such as authentication credentials, personal user information, or internal state.
The CWE-532 category highlights the risk of exposing sensitive information through logging, which could be easily exploited if log files are accessed by unauthorized users.
Let’s consider an example where sensitive information might be logged inappropriately:
```go
package information_exposure_through_debug_log

import (
	"log"
	"net/http"
)

func serve() {
	http.HandleFunc("/register", func(w http.ResponseWriter, r *http.Request) {
		if err := r.ParseForm(); err != nil {
			http.Error(w, "bad form", http.StatusBadRequest)
			return
		}
		user := r.Form.Get("user")
		password := r.Form.Get("password")
		// FLAW: the plaintext password is written to the application log.
		log.Printf("Registering new user %s with password %s.\n", user, password) // FLAW
	})
	log.Fatal(http.ListenAndServe(":8080", nil))
}
```
In this case the plaintext password is written to the log, where it can be harvested by anyone who can read the log files, ship them to a central collector, or view them in a monitoring dashboard. This violates secure coding principles and can lead to credential compromise and data breaches.
Remediation
To remediate issues related to information exposure through logs, follow these practical steps:
- Avoid Logging Sensitive Data: Refrain from logging sensitive information such as passwords, credit card details, and personally identifiable information unless it is absolutely necessary. Use sanitization and redaction techniques if logging such information is unavoidable.
- Use Appropriate Logging Levels: Set logging levels appropriately. Use DEBUG or TRACE logging selectively, preferably only during development, and disable or restrict them in production environments.
- Implement Log Access Controls: Ensure that logs are stored securely and that access is restricted to authorized personnel only. Encrypt log files where possible, and employ robust audit controls to monitor access.
- Regularly Audit Logs: Conduct regular audits of logs to identify and redact any instances of sensitive data that were improperly logged. This helps maintain the integrity of your logging strategy.

By following these steps, organizations can minimize the risks associated with information exposure through debug logs in their applications.
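The following is an added example, not part of the original rule page, showing one way to apply the first remediation step in Go: wrap credentials in a `Secret` type that redacts itself on every formatting path (`fmt` verbs, `log.Printf`, and structured `log/slog`), so the flawed handler above cannot leak the password even if someone logs it by mistake. The `Secret`, `Reveal`, and `registrationRecord` names are this example's own choices.

```go
package main

import (
	"bytes"
	"fmt"
	"log/slog"
	"net/http"
)

// Secret wraps a credential so that every formatting path redacts it:
// %s/%v/%q go through String(), %#v through GoString(), and structured
// slog records resolve LogValue() before a handler renders them.
type Secret string

func (s Secret) String() string       { return "[REDACTED]" }
func (s Secret) GoString() string     { return "[REDACTED]" }
func (s Secret) LogValue() slog.Value { return slog.StringValue("[REDACTED]") }

// Reveal exposes the raw value for the one consumer that needs it
// (the password hasher); it is deliberately never called from a log line.
func (s Secret) Reveal() string { return string(s) }

// registrationRecord emits the registration event into a buffer via slog and
// via the printf-style path the flawed handler used, and returns the rendered
// text so a test can check what actually reached the log.
func registrationRecord(user string, password Secret) string {
	var buf bytes.Buffer
	logger := slog.New(slog.NewTextHandler(&buf, nil))
	logger.Info("registering new user", "user", user, "password", password)
	fmt.Fprintf(&buf, "Registering new user %s with password %s.\n", user, password)
	return buf.String()
}

// serve is the hardened version of the handler from the rationale section.
func serve() {
	http.HandleFunc("/register", func(w http.ResponseWriter, r *http.Request) {
		if err := r.ParseForm(); err != nil {
			http.Error(w, "bad form", http.StatusBadRequest)
			return
		}
		user := r.Form.Get("user")
		password := Secret(r.Form.Get("password"))
		slog.Info("registering new user", "user", user, "password", password)
		_ = password.Reveal() // hand the raw value to the hasher here, not to a log
		w.WriteHeader(http.StatusCreated)
	})
	_ = http.ListenAndServe(":8080", nil)
}

func main() { serve() }
```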
Configuration
References
- CWE-532: Insertion of Sensitive Information into Log File
- FIO13-J: Do not log sensitive information outside a trust boundary
- OWASP Top 10 2021 - A03: Injection