Sensitive info in dump

[DevOnBike]

can memory dump contain sensitive information? like secrets?
can memory dump be done without this information?

our company policy doesn't allow developers to have access to sensitive data (like secrets) that can be gathered in dump?

[jander-msft]

can memory dump contain sensitive information? like secrets?

Yes. It contains the memory of the application; whatever information is loaded by the application may be contained in the dump.

can memory dump be done without this information?

No, it cannot.

our company policy doesn't allow developers to have access to sensitive data (like secrets) that can be gathered in dump?

If the policy is that you cannot have access to sensitive information, then you cannot have access to the dumps, regardless of what tool (dotnet-monitor, dotnet-dump, WER, etc) or technology you are using.

The dotnet-monitor tool does have a --no-http-egress command line switch which prevents the HTTP API from returning diagnostic artifacts (e.g. dumps) via the response stream; this means that you are required to use an egress provider in order to save the artifact somewhere such as the local file system or to Azure Blob storage. This way, the one who invokes that HTTP API does not have direct access to the artifact.

One caveat is that the /env route does allow access to the target processes environment block, which MAY contain sensitive information such as keys; what information is available in the environment block is application and deployment dependent and is independent of .NET Monitor.

If above is still not acceptable, you'll need to request a feature that allows blocking access to certain aspects of the HTTP API or allow/disallow certain actions to be taken depending on the user; this is typically known as authorization. We have enabled Azure AD authentication starting with 7.1, but it does not allow for custom roles/scopes (authorization) at this time.

[DevOnBike]

maybe it would be nice to have such functionality to only allow / configure authorization on endpoints that serves senstitive info like dumps / gc dumps? more granularity for authorization is neeed for such cases ...