Mark AuditLogEntry fields as readonly

dcramer · mattrobenolt · commit 1f6090dc64b2 · 2016-03-04T11:11:35.000-08:00
Additionally this resolves a superuser-only security concern around being able to craft and inject pickled data into the AuditLogEntry.data field. This won't prevent malicious data in there through other means, but this is the only place it's exposed for raw input (beyond shell). Thanks to Clément Berthaux from Synacktiv (www.synacktiv.com) for reporting this.
diff --git a/src/sentry/admin.py b/src/sentry/admin.py
@@ -330,6 +330,8 @@ class AuditLogEntryAdmin(admin.ModelAdmin):
     list_filter = ('event', 'datetime')
     search_fields = ('actor__email', 'organization__name', 'organization__slug')
     raw_id_fields = ('organization', 'actor', 'target_user')
+    readonly_fields = ('organization', 'actor', 'actor_key', 'target_object',
+                       'target_user', 'event', 'ip_address', 'data', 'datetime')
 
 admin.site.register(AuditLogEntry, AuditLogEntryAdmin)
 
