Symfony: Warn developers when they use unsafe hashers/encoders

Created on 28 Sep 2016 · 3 Comments · Source: symfony/symfony

Somewhat related to the #20045 discussion, we could warn developers when they use unsafe encoder types. I'm thinking about something like this:

```php
// $encoderType is the configured algorithm for the user class $class
// (e.g. 'plaintext', 'sha512', 'bcrypt'); $this->logger may be null.
if (null !== $this->logger && 'plaintext' === $encoderType) {
    $this->logger->warning(sprintf('Storing user passwords in plain text is considered a critical security error. Consider configuring a password encoder for the "%s" entity.', $class));
}

// Unsalted or fast general-purpose hashes are not suitable for passwords.
if (null !== $this->logger && in_array($encoderType, array('sha512', 'sha384', 'sha256', 'sha1', 'md5'), true)) {
    $this->logger->warning(sprintf('Encoding user passwords with the "%s" algorithm is considered a bad security practice. Consider using "bcrypt" as the password encoder for the "%s" entity.', $encoderType, $class));
}
```

If you like this idea, how and where could we log those warning messages? Thanks!

Labels: Feature, Security, SecurityBundle
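As an added, stand-alone illustration of the proposed check (this is not code from the issue or from Symfony itself), the function below audits the `security.encoders` section of a Symfony security.yaml once it has been decoded into a PHP array, and returns one warning per user class that is configured with `plaintext` or with a bare message digest. Following the thread, it only reports when the kernel runs in debug mode, so production logs stay quiet. The function name `auditPasswordEncoders`, the `WEAK_HASHES` constant and the sample configuration are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Added example, not Symfony's own code. Audits a decoded `security.encoders`
// array and reports weak or missing password hashing per user class.

// Message digests that the original proposal flags as unsuitable for passwords.
const WEAK_HASHES = ['sha512', 'sha384', 'sha256', 'sha1', 'md5'];

/**
 * @param array<string, string|array<string, mixed>> $encoders  user class => algorithm name or encoder config
 * @param bool                                        $debug     only emit warnings in the dev/debug environment
 *
 * @return string[] one warning per problematic user class; empty when nothing is wrong or not in debug
 */
function auditPasswordEncoders(array $encoders, bool $debug): array
{
    if (!$debug) {
        return []; // the thread agreed this must never show up in production logs
    }

    $warnings = [];
    foreach ($encoders as $class => $config) {
        // Symfony accepts both the short form  `App\Entity\User: bcrypt`
        // and the long form `App\Entity\User: { algorithm: sha512, encode_as_base64: true }`.
        $algorithm = is_array($config) ? ($config['algorithm'] ?? null) : $config;
        if (!is_string($algorithm)) {
            continue; // e.g. a custom encoder referenced by service id; nothing to judge here
        }
        $algorithm = strtolower($algorithm);

        if ('plaintext' === $algorithm) {
            $warnings[] = sprintf(
                'Storing user passwords in plain text is considered a critical security error. Consider configuring a password encoder for the "%s" entity.',
                $class
            );
        } elseif (in_array($algorithm, WEAK_HASHES, true)) {
            $warnings[] = sprintf(
                'Encoding user passwords with the "%s" algorithm is considered a bad security practice. Consider using "bcrypt" as the password encoder for the "%s" entity.',
                $algorithm,
                $class
            );
        }
    }

    return $warnings;
}

// Constructed sample input: what a `security.encoders` section decodes to.
$sampleEncoders = [
    'App\Entity\User'       => 'bcrypt',                                    // fine
    'App\Entity\LegacyUser' => ['algorithm' => 'sha512', 'encode_as_base64' => true, 'iterations' => 5000], // flagged
    'App\Entity\ApiClient'  => 'plaintext',                                 // flagged as critical
    'App\Entity\SsoUser'    => ['id' => 'app.custom_password_encoder'],     // custom encoder, skipped
];

foreach (auditPasswordEncoders($sampleEncoders, true) as $warning) {
    echo $warning, PHP_EOL;
}

// Same configuration with debug disabled: no output at all, as the thread requires.
var_dump([] === auditPasswordEncoders($sampleEncoders, false));
```

Run with `php audit.php`; the two warnings are printed for `LegacyUser` and `ApiClient`, the custom-encoder entry is skipped because it carries no `algorithm` key, and the final `var_dump` prints `bool(true)` because the production call returns nothing.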

All 3 comments

Honestly, I wouldn't like to see a warning like that in all my logs in production when I explicitly made the choice to use such an encoder. If it is tied to the debug flag of the environment, why not, but it can't be enabled all the time.

To be more precise, such a feature in production would prevent me from using the warning log level at all (or at least not without a dedicated log configuration). I'd have to silence it, because a warning shouldn't happen and all warnings must be investigated (not immediately, unlike an error or a critical, but they still have to be).

Yes, it would only be for the dev environment.

Closing it because I no longer consider this a good idea. Our developers are not idiots (so they'll never use plaintext for real users) and if they use bad hashers (sha*) it's probably for a good reason (legacy apps, etc.) and anyway, we explain things well in the docs.
