Raphael B. <rblists@…> writes:
How can I prevent all my users’ passwords from ending up in the log files?
Rails logs all params, and that puts all passwords in the logs…
I’d prefer not to stop the logging.
Is it possible to just not log the params? (Or can I use this method?)

By default, in the development environment the logging threshold is set to
“debug”, which shows almost everything–including user passwords in
parameter hashes (scary, isn’t it?).
Generally, this isn’t too much of a problem, though–it’s the development
environment, after all, and when you’re doing development you usually DO
see all that stuff. Fortunately, by default, the logging threshold is
“info” for the production environment, which does NOT log parameter hashes, so
all should be well and secure, for normal usage.
If for some reason you want to use a different logging level than these
defaults, you just add a line to the appropriate environment file
(config/environments/development.rb, for example) that says:
config.log_level = :info # or :error, or :warn, or whatever
That way you can set the logging level to whatever level shows you
information for your needs, but not so much as to be insecure.
The reference you cite to the “silence” methods for ActiveRecord and
ActionController can be useful for temporarily changing the logging for
a block of code, but it won’t work for blocking parameter hashes from being
logged because that takes place before your ActionController object is
instantiated, so there’s nothing in your controller that silence can
block around that would make a difference. The silence methods are
only useful for stopping database field contents from being logged–but if
you’re using salted and hashed passwords, that shouldn’t be a big deal,
One last note: there’s an active ticket in the Rails tracking system
hash that specifically hides passwords from being logged: see
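As an added example (not code from this thread or from Rails itself), here is a standalone Ruby filter in the spirit of the "hide passwords from the log" idea the reply mentions: it redacts password-like keys from a params hash before the hash is written to the log, and it handles nested hashes and arrays, not just a flat hash. `FILTERED_KEYS`, `filter_params`, `log_request_params` and the sample params are all constructed for illustration.

```ruby
require 'logger'

# Key patterns whose values must never reach the log (constructed list).
FILTERED_KEYS = [/password/i, /passwd/i, /secret/i, /token/i].freeze

# Return a copy of +params+ with every value whose key matches one of the
# patterns replaced by "[FILTERED]". Recurses into nested hashes and arrays
# so a password buried in params['user']['password'] is caught too.
def filter_params(params, patterns = FILTERED_KEYS)
  case params
  when Hash
    params.each_with_object({}) do |(key, value), out|
      out[key] = if patterns.any? { |re| re.match?(key.to_s) }
                   '[FILTERED]'
                 else
                   filter_params(value, patterns)
                 end
    end
  when Array
    params.map { |v| filter_params(v, patterns) }
  else
    params
  end
end

# Mirrors the log_level discussion above: the parameters line is only
# emitted at the :debug level, and what is emitted has already been filtered.
def log_request_params(logger, params)
  filtered = filter_params(params)
  logger.debug { "Parameters: #{filtered.inspect}" }
  filtered
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample request, shaped like a Rails params hash.
  params = { 'controller' => 'sessions', 'action' => 'create',
             'user' => { 'login' => 'raphael', 'password' => 'hunter2',
                         'password_confirmation' => 'hunter2' } }
  logger = Logger.new($stdout)
  logger.level = Logger::DEBUG   # development default: params line is logged, filtered
  log_request_params(logger, params)
  logger.level = Logger::INFO    # production default: the params line is not logged at all
  log_request_params(logger, params)
end
```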