Password as an argument displayed on the stack
We log all exceptions that we encounter in our code with a binding to the stack.
The problem comes from this function:
public function Authenticate($user, $password)
{
    // Authenticate the user
}
When an exception is thrown by this function, the stack trace contains the parameters used: the user's password is displayed in plain text.
How can I deal with this? Should I rewrite the authentication function to only accept the encrypted password? Can I disable this particular option from being displayed in the stack trace?
Any idea is appreciated.
EDIT
I am using the getTraceAsString function to log a trace.
You can use the Exception::getTrace() method to collect the information and write your own getTraceAsString() that does not include the parameters.
See this example from the comments on the Exception::getTrace() docs.
function MakePrettyException(Exception $e) {
    // getTrace() returns structured frames; only the innermost frame is
    // formatted here, and the 'args' entry is deliberately left out so that
    // parameters (such as a password) never reach the log.
    $trace = $e->getTrace();
    $frame = isset($trace[0]) ? $trace[0] : array();
    $result = 'Exception: "';
    $result .= $e->getMessage();
    $result .= '" @ ';
    // 'class' is only present for method calls, so test with empty(), not != ''
    if (!empty($frame['class'])) {
        $result .= $frame['class'];
        $result .= '->';
    }
    $result .= isset($frame['function']) ? $frame['function'] : '{main}';
    $result .= '();<br />';
    return $result;
}
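Extending the getTrace() approach above, an added example that is not from the question, the answers or the PHP docs: it formats every frame of the trace with the argument values stripped, and shows that the password passed to the (hypothetical) Authenticator::Authenticate() method is absent from the sanitized output. The names sanitizedTrace and Authenticator are assumptions.

```php
<?php
// Added example: log a stack trace without argument values, so a password
// passed to Authenticate() never reaches the log file.
function sanitizedTrace(Throwable $e): string
{
    $lines = [];
    foreach ($e->getTrace() as $i => $frame) {
        $call = '';
        if (isset($frame['class'])) {
            // 'type' is '->' for instance calls and '::' for static calls
            $call .= $frame['class'] . (isset($frame['type']) ? $frame['type'] : '::');
        }
        $call .= isset($frame['function']) ? $frame['function'] : '{main}';
        // Report only how many arguments were passed, never their values.
        $argc = isset($frame['args']) ? count($frame['args']) : 0;
        $where = isset($frame['file'])
            ? $frame['file'] . '(' . (isset($frame['line']) ? $frame['line'] : '?') . ')'
            : '[internal function]';
        $lines[] = sprintf('#%d %s: %s(%d args)', $i, $where, $call, $argc);
    }
    return implode("\n", $lines);
}

// Hypothetical authenticator standing in for the question's Authenticate().
class Authenticator
{
    public function Authenticate(string $user, string $password): void
    {
        // Constructed failure so that a trace is produced.
        throw new RuntimeException("login failed for $user");
    }
}

try {
    (new Authenticator())->Authenticate('alice', 's3cret-pass');
} catch (Throwable $e) {
    // The built-in trace string contains the argument values unless the
    // PHP 7.4+ ini setting zend.exception_ignore_args is On.
    $builtin = $e->getTraceAsString();
    $safe = sanitizedTrace($e);
    echo "sanitized trace:\n$safe\n";
    echo 'password in built-in trace:  ',
        var_export(strpos($builtin, 's3cret-pass') !== false, true), "\n";
    echo 'password in sanitized trace: ',
        var_export(strpos($safe, 's3cret-pass') !== false, true), "\n";
}
```

Because the sanitizer only ever reads the 'class', 'type', 'function', 'file' and 'line' keys and counts 'args', the same function is safe to use for any exception, not just those thrown by the authentication code.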
Two things I would like to suggest:
- The stack trace must not be visible on the client side (if not already the case)
- Authentication should only accept the hashed version of the password
Thus, even if someone has a hashed password, they cannot use it to log in or use it to change their password.
The ideal method, of course, would be to use something like Xdebug, where the default collect_params is 0, meaning the variables do not appear in the stack trace.