Description
Often when wanting to help users with debugging why Zaptec isn't working for them, access to the Zaptec HA detailed debug logs is often required. However, the Zaptec API library is logging a lot of sensitive information to the logs. By sensitive, I mean information that should not be put out publicly on the net, such as in an issue here. These are things like names, UIDs, addresses and position. Diagnostics is providing a system for redacting the information, but there is none for logs.
After conferring with other HA devs on Discord, it seems that it's considered an anti-pattern to log sensitive information to the logs. Despite this, many critical libraries will do that if one enables debug. E.g. enabling debug on sshd will put a lot of sensitive stuff in the logs. [1]
The questions raised in this issue:
- How can we get the logs from the user needing help without disclosing any sensitive information?
- How can we prevent sensitive data in the logs while still having the detailed debug logs?
Footnotes
[1] HA integrations are normally divided into two libraries: (1) access library which communicates to the remote service, and (2) the HA integration itself. When talking about debug mode in HA, it's normally only specifying the HA integration, not the access library. Our Zaptec integration has both, and it's the access library part that "leaks" most into logs.
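One possible approach to the second question, as an added example that is not code from the Zaptec integration or its API library: a Python `logging.Filter` that replaces sensitive values with stable placeholders, so a debug log stays correlatable without exposing the values. The field names in `SENSITIVE_KEYS`, the logger name and the sample payload are assumptions constructed for illustration.

```python
import io
import logging
import re

# Assumed field names; the issue only lists names, UIDs, addresses and position.
SENSITIVE_KEYS = ("Name", "Id", "Address", "Latitude", "Longitude")

class RedactingFilter(logging.Filter):
    """Rewrite each record so sensitive values never reach the handler's output."""

    def __init__(self, keys=SENSITIVE_KEYS):
        super().__init__()
        alternatives = "|".join(re.escape(k) for k in keys)
        # Matches 'Key': 'value' or "Key": 12.3 as found in dict reprs and JSON.
        self._pattern = re.compile(
            r"""(?P<key>['"](?:%s)['"]\s*:\s*)(?P<val>'[^']*'|"[^"]*"|[^,}\s]+)"""
            % alternatives
        )
        self._aliases = {}  # original value -> stable placeholder

    def _alias(self, match):
        value = match.group("val")
        # The same value always maps to the same placeholder, so log lines
        # about one charger or user can still be correlated by the reader.
        alias = self._aliases.setdefault(value, "<redacted-%d>" % (len(self._aliases) + 1))
        return match.group("key") + alias

    def redact(self, text):
        return self._pattern.sub(self._alias, text)

    def filter(self, record):
        # Format first so %-style arguments are covered, then drop the raw args.
        record.msg = self.redact(record.getMessage())
        record.args = None
        return True

def demo():
    """Send constructed debug lines through the filter and return what was written."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    # Attached to the handler: a filter on a logger is skipped for child loggers.
    handler.addFilter(RedactingFilter())
    logger = logging.getLogger("example.api")  # hypothetical logger name
    logger.setLevel(logging.DEBUG)
    logger.propagate = False
    logger.addHandler(handler)
    payload = {"Id": "constructed-uid-1", "Name": "Jane Doe", "Latitude": 59.9, "MaxCurrent": 16}
    logger.debug("GET chargers -> %s", payload)
    logger.debug("state for %s", {"Id": "constructed-uid-1"})
    logger.removeHandler(handler)
    return stream.getvalue()
```

Key-based matching only covers values logged next to a listed key; a value that appears on its own in free text passes through unchanged.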