In one of the existing batch process codebases, I can see a practice of the JDBC connection string getting logged and also persisted. Logging or persisting a JDBC connection string alone may not be a security issue. Though, it's a little discomforting to make this information available to naked eyes. But is it a best practice to do so? If not, is there any other reason? Or is there any usefulness to this practice?
2 Answers
Knowing which database an application is connecting to can be very useful when there are multiple possibilities. But you don't need the entire connection string for that.
I agree with you that doing this is in general a bad practice. An application should know what it's logging, and the connection string is generally just that: a string passed in from configuration that could contain anything.
As long as the credentials are not being passed in the connection string (I think you can do this at least with some drivers) I don't think this is a significant security concern. Aside from those details, what would be considered secret about this information? Typically the port is standard and well-known.
At best, trying to hide this information would be considered security by obscurity. With security considerations, it's helpful to consider who you are defending against. For most organizations, insiders are the most likely attackers. Would removing this information significantly impede someone within the organization? I kind of doubt that. For an external attacker, if they have the chops to get into your database, they can surely find it.
Alternately, not logging this potentially creates risks. What if an attacker is able to modify the configuration to point to something they control? If you don't log this information, it could make it a lot easier for them to cover their tracks.
If you are concerned about the information in logs (which is perfectly reasonable) you should probably focus on securing the logs. Trying to prevent any sensitive information from being logged is an endless game of whack-a-mole, and success is unlikely over the long run.
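Both answers point the same way: log which database the job talks to, but never the credentials some drivers accept inside the connection string. The helper below is an added example, not code from the question's codebase or from any JDBC driver; the class name `JdbcUrlRedactor`, the list of secret parameter names and the sample connection strings are all assumptions constructed for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Hypothetical helper: produce a log-safe view of a JDBC connection string. */
public final class JdbcUrlRedactor {

    // Parameter names that carry secrets in common drivers (assumed list, extend per driver).
    // Matches "?password=...", "&pwd=...", ";trustStorePassword=..." etc., case-insensitively.
    private static final Pattern SECRET_PARAM = Pattern.compile(
        "(?i)([?&;](?:password|pwd|sslpassword|trustStorePassword|keyStorePassword)=)[^&;]*");

    // "user:secret@host" style credentials embedded in the authority part of the URL.
    private static final Pattern USERINFO = Pattern.compile("^(jdbc:[a-z0-9]+://)([^/@;?]+)@");

    // Scheme, host:port and optional database path; drops user info, query and ';' properties.
    private static final Pattern SUMMARY = Pattern.compile(
        "^(jdbc:[a-z0-9]+:)//(?:[^/@;?]+@)?([^/?;]+)(/[^?;]*)?");

    private JdbcUrlRedactor() {}

    /** Returns the connection string with credential values replaced by "***". */
    public static String redact(String url) {
        if (url == null) return null;
        String out = USERINFO.matcher(url).replaceFirst("$1***@");
        return SECRET_PARAM.matcher(out).replaceAll("$1***");
    }

    /** Returns only what the first answer says is worth logging: scheme, host, port, database. */
    public static String summarize(String url) {
        if (url == null) return null;
        Matcher m = SUMMARY.matcher(url);
        if (!m.find()) return "<unparseable jdbc url>";
        return m.group(1) + "//" + m.group(2) + (m.group(3) == null ? "" : m.group(3));
    }

    public static void main(String[] args) {
        // Constructed sample strings; the hosts and passwords are placeholders, not real values.
        String[] samples = {
            "jdbc:postgresql://db.example.internal:5432/orders?user=app&password=s3cret&ssl=true",
            "jdbc:mysql://app:s3cret@db.example.internal:3306/orders",
            "jdbc:sqlserver://db.example.internal:1433;databaseName=orders;user=app;password=p@ss"
        };
        for (String s : samples) {
            System.out.println("redacted : " + redact(s));
            System.out.println("summary  : " + summarize(s));
        }
    }
}
```

Logging `summarize(url)` keeps the audit value the second answer describes (a tampered configuration pointing at a different host still shows up in the log) while `redact(url)` is the safer choice when the full string must be persisted.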