cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vishy Kasar (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CASSANDRA-6660) Make node tool command take a password file
Date Wed, 05 Feb 2014 19:46:09 GMT
Vishy Kasar created CASSANDRA-6660:
--------------------------------------

             Summary: Make node tool command take a password file
                 Key: CASSANDRA-6660
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-6660
             Project: Cassandra
          Issue Type: Improvement
            Reporter: Vishy Kasar



We are sending the jmx password in the clear to the node tool command in production. This
is a security risk. Any one doing a 'ps' can see the clear password. Can we change the node
tool command to also take a password file argument. This file will list the JMX user and passwords.
Example below:

cat /cassandra/run/10003004.jmxpasswd
monitorRole abc
controlRole def

Based on the user name provided, node tool can pick up the right password. 



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message