You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It looked from our audits as if the Snowflake Connector starts with a disabled telemetry and there is a way to progranmatically toggle it, if one so desires.
To our great surprise the Snowflake Connector exfiltrates data and does send telemetry no matter what.
This happens because the telemetry parameter is enabled remotely by Snowflake server.
With the updates session_parameters, Auth calls self._rest._connection._update_parameters(session_parameters) which will update telemetry_enabled = True one the connection.
Furthermore, since the connection calls _log_telemetry_imported_packages which means at least a log even (with all the packages) is saved (in the buffer) even before the connection is done.
Interestingly, the list of imported packages is a rather intrusive log to send.
And, at the end, just closing the client will flush telemetry and send the data externally.
github-actionsbot
changed the title
Snowflake connector telemetry is toggled remotely and always sends internal data to Snowflake
SNOW-1239684: Snowflake connector telemetry is toggled remotely and always sends internal data to Snowflake
Mar 15, 2024
An attempt to disable telemetry we explored is just changing the telemetry URL:
# Try to break the telemetry client with a wrong url. It will auto-disable itself after sending the 1st packet and failing.snowflake.connector.telemetry.TelemetryClient.SF_PATH_TELEMETRY="/please-stop/sending"
But this seems to cause some other problems and I'll probably open a separate issue.
Python version
Python 3.11.6 (main, Jan 9 2024, 11:01:12) [GCC 11.4.0]
Operating system and processor architecture
Linux-5.15.0-100-generic-x86_64-with-glibc2.35
Installed packages
What did you do?
It looked from our audits as if the Snowflake Connector starts with a disabled telemetry and there is a way to progranmatically toggle it, if one so desires.
To our great surprise the Snowflake Connector exfiltrates data and does send telemetry no matter what.
This happens because the telemetry parameter is enabled remotely by Snowflake server.
This is done early, during the authentication: the
session_parameters
are updated based on the server response https://github.com/snowflakedb/snowflake-connector-python/blob/main/src/snowflake/connector/auth/_auth.py#L470The server response contains among others in
data.parameters
the telemetry keys:With the updates
session_parameters
,Auth
callsself._rest._connection._update_parameters(session_parameters)
which will updatetelemetry_enabled = True
one the connection.Furthermore, since the connection calls
_log_telemetry_imported_packages
which means at least a log even (with all the packages) is saved (in the buffer) even before the connection is done.Interestingly, the list of imported packages is a rather intrusive log to send.
And, at the end, just closing the client will flush telemetry and send the data externally.
Example:
At the end of this short program we see telemetry got enabled (through the server reply) and that data was sent.
What did you expect to see?
We did not expect to see
CLIENT_TELEMETRY_ENABLED
being set based on a server reply.If this is a user settings, we would like to see where to configure it for our account.
But, as a library, it makes little sense for the Snowflake connector to just take all
session_parameters
as-is from the server reply.The telemetry parameters should be explicitly excluded.
Fundamentally, there should be an implicit or easy way for no telemetry to be ever sent.
Can you set logging to DEBUG and collect the logs?
The text was updated successfully, but these errors were encountered: