Sensitive information stored in logs
Need
Secure handling of sensitive information in logs
Context
- Usage of TypeScript for type-checking and compiling JavaScript code
- Usage of Express for building web applications and APIs
- Usage of fs for file system operations
Description
Non compliant code
import express from 'express';
import fs from 'fs';
const app = express();
app.use(express.json());
app.post('/login', (req, res) => {
const { username, password } = req.body;
// Logging sensitive information
fs.appendFile('logs.txt', `Username: ${username}, Password: ${password}\\n`, (err) => {
if (err) {
console.error('Error writing to log file:', err);
}
});
// Perform login logic
// ...
});
app.listen(3000, () => {
console.log('Server started on port 3000');
});
The vulnerability in this code is that it logs sensitive information, specifically the username and password, to a log file. The code uses the fs.appendFile function to append the sensitive information to the 'logs.txt' file.
Storing sensitive information in log files is dangerous because log files are often accessible to system administrators, developers, or potential attackers. If an attacker gains access to the log files, they can easily obtain the sensitive information, such as credentials, bank accounts, or file paths, which can compromise the security of the system.
In this case, the code logs the username and password provided in the /login route. This means that any user who logs in will have their credentials stored in the log file, making it easier for an attacker to obtain this sensitive information.
To mitigate this vulnerability, it is recommended to avoid storing sensitive information in log files. Instead, the code should be modified to log only non-sensitive information or to obfuscate the sensitive data before logging. Additionally, it is important to regularly review and secure log files to prevent unauthorized access and ensure the protection of sensitive information.
Steps
- Identify the sensitive information that is being logged
- Remove the logging of sensitive information
- Consider using a logging library that supports sensitive data masking or encryption
- If sensitive information needs to be logged for debugging purposes, ensure that it is properly secured and access to the logs is restricted
Compliant code
import express from 'express';
import fs from 'fs';
const app = express();
app.use(express.json());
app.post('/login', (req, res) => {
const { username, password } = req.body;
// Logging sensitive information
// fs.appendFile('logs.txt', `Username: ${username}, Password: ${password}\\n`, (err) => {
// if (err) {
// console.error('Error writing to log file:', err);
// }
// });
// Perform login logic
// ...
});
app.listen(3000, () => {
console.log('Server started on port 3000');
});
In the fixed code, the sensitive information logging functionality has been commented out to prevent storing sensitive information in log files.
The fs.appendFile function, which was previously used to append sensitive information to a log file, has been commented out. This ensures that the username and password are not logged.
By removing this code, the system no longer stores sensitive information such as credentials, bank accounts, and file paths in log files. This prevents potential attackers from obtaining sensitive information that could compromise system resources.
Overall, the fixed code ensures that sensitive information is not logged, mitigating the vulnerability related to storing sensitive information in logs.