Booking.com Engineering

Software engineering at Booking.com

Protect Against Accidental Logging of Sensitive Information

4 min read · Jan 2, 2013


use Carp;                              # demo: a secret passed by value is printed by a stack trace
foo("This does not belong in logs");   # the string itself becomes foo's argument
sub foo {
    my $sensitive = shift;
    this_can_die();                    # the failure happens below foo, while foo's frame is still live
}
sub this_can_die {
    Carp::confess("Gotcha"); # stack trace: dies and prints every caller frame with its arguments
}
Gotcha at /path/to/yourapp.pl line 8
main::this_can_die() called at /path/to/yourapp.pl line 5
main::foo('This does not belong in logs') called at /path/to/yourapp.pl line 2
use Carp;                              # same demo, but the secret is handed over by reference
my $secret = 'This does not belong in logs';   # caveat: code that dereferences the ref still reads this
foo(\$secret);                         # the argument is now a SCALAR ref, not the string
sub foo {
    my $sensitive = shift;             # holds the reference; the value itself is $$sensitive
    this_can_die();
}
sub this_can_die {
    Carp::confess("Gotcha"); # stack trace: the ref stringifies as SCALAR(0x...), not as the value
}
Gotcha at /path/to/yourapp.pl line 9
main::this_can_die() called at /path/to/yourapp.pl line 6
main::foo('SCALAR(0xa7e9c0)') called at /path/to/yourapp.pl line 3
# Counter-example: passing the secret by reference stops helping once the
# arguments themselves are dumped.
# NOTE(review): assumes Data::Dumper is loaded elsewhere; this fragment shows no `use` line.
sub foo {
    # Data::Dumper follows references, so the string behind the SCALAR ref is
    # emitted in full by warn. A leftover debug line like this one is exactly
    # the accidental logging the page is about; remove it before the code ships.
    warn Data::Dumper->Dump(\@_); # FIXME just for debugging
    my $sensitive = shift;
    this_can_die();
}
# MyClass keeps one sensitive value behind accessor methods rather than in a
# plain hash-based object.
# NOTE(review): Store::Opaque is documented as holding its data outside the
# blessed reference, which is why a dumper walking the object finds nothing;
# confirm against the module version in use.
package MyClass;
use Moose;
extends 'Store::Opaque';

# Read accessor: calls _get (presumably inherited from Store::Opaque) with the
# key "sensitive_info". The return value is the plain secret, so the caller's
# copy is an ordinary scalar again and needs the same care around logging and
# stack traces.
sub get_sensitive_info {
    $_[0]->_get("sensitive_info")
}

# Write accessor: passes $_[1] straight to _set, so no named lexical copy of
# the secret is made inside this sub.
# NOTE(review): the caller still supplies the value as a plain argument, so a
# stack trace taken during this call would presumably include it; confirm
# whether callers need to guard against that.
sub set_sensitive_info {
    $_[0]->_set("sensitive_info", $_[1])
}

__PACKAGE__->meta->make_immutable;
no Moose;
use MyClass;
my $info = MyClass->new;

# The secret goes in and comes out only through the accessors.
$info->set_sensitive_info(1234567234567);
my $number = $info->get_sensitive_info;   # $number is a plain copy of the secret; keep it out of logs

# Not even DDS will compromise the data now:
# (DDS = Data::Dump::Streamer. The claim is that dumping $info does not reveal
# the stored value; it says nothing about copies such as $number above.)
use Data::Dump::Streamer;
Dump($info); # FIXME debug
