drill-issues mailing list archives

From "John Omernik (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-3880) sqlline does not allow for a password prompt - security issue
Date Wed, 03 Feb 2016 22:26:39 GMT

    [ https://issues.apache.org/jira/browse/DRILL-3880?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15131267#comment-15131267 ]

John Omernik commented on DRILL-3880:
-------------------------------------

So I came up with another use case (other than the ability to provide a URL and Username,
but no password and have it prompt for the password). 

I would like it so that, if a URL is provided and authentication is required (if it's hard to
tell whether authentication is required, then perhaps another flag that would allow specifying
"prompt" for credentials), it would be like starting sqlline, typing the connect URL with
!connect, and going from there.

So:

sqlline -u %YOURURL% -n myusername 

Results in asking for a password and then completing the process

sqlline -u %YOURURL% -P    # (-P may be "prompt for credentials")

Results in it asking for username and then password as if the user started sqlline and typed

>!connect %YOURURL%


> sqlline does not allow for a password prompt - security issue
> -------------------------------------------------------------
>
>                 Key: DRILL-3880
>                 URL: https://issues.apache.org/jira/browse/DRILL-3880
>             Project: Apache Drill
>          Issue Type: Improvement
>          Components: Client - CLI
>    Affects Versions: 1.1.0
>            Reporter: John Omernik
>              Labels: security
>             Fix For: Future
>
>
> When authentication is enabled in drill, and using sqlline, there is no way to get the
> sqlline client to prompt for a password. The only option is to specify the password at the
> command line (-n user -p password) or to log in and then connect.
> This is a security risk, in that now the .bash_history contains the user's password,
> defeating accountability on the system. Hive and MySQL both allow for a -p flag with no value
> to trigger a prompt for the password that is not logged by .bash_history.
> One workaround is to connect after starting sqlline; however, if the sqlline command
> offers a way to specify the username/password, we should do it in a way that doesn't violate
> security principles.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
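The behaviour requested above (URL and user on the command line, password from a prompt) can be approximated today with a small wrapper. The script below is an added example, not code from Apache Drill or sqlline: it reads the password with echo off, then starts sqlline and sends the same `!connect <url> <user> <password>` line a user would type in the session, followed by the rest of the terminal input. The password is therefore never an argument of any process, so it reaches neither `.bash_history` nor a `ps` listing. It assumes sqlline accepts `!connect` on a piped stdin; `SQLLINE`, the JDBC URL and the user name are placeholders chosen for the example.

```shell
#!/bin/sh
# Added example (not Apache Drill / sqlline code). Usage:
#   drill_connect.sh jdbc:drill:zk=zk1:2181 alice
# SQLLINE, the URL and the user are assumptions for illustration.

SQLLINE=${SQLLINE:-sqlline}

# Build the !connect line that sqlline would otherwise be given by hand.
# $1 = JDBC URL, $2 = user, $3 = password. The line goes to stdout only,
# never into an argv, so it cannot be recovered from history or `ps`.
connect_line() {
  printf '!connect %s %s %s\n' "$1" "$2" "$3"
}

# sqlline splits !connect arguments on whitespace, so an empty password or
# one containing whitespace cannot be passed this way. Return 1 for those so
# the caller can fall back to the in-session !connect prompt.
password_is_passable() {
  case $1 in
    ''|*[[:space:]]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Read one password. On a terminal: prompt on stderr, echo off, terminal
# settings restored afterwards. Off a terminal (tests, scripts): read one
# line verbatim from stdin.
read_password() {
  if [ -t 0 ]; then
    printf 'Password: ' >&2
    saved=$(stty -g)
    stty -echo
    IFS= read -r pw
    stty "$saved"
    printf '\n' >&2
  else
    IFS= read -r pw
  fi
  printf '%s' "$pw"
}

# Prompt, then start sqlline with the !connect line first and the user's
# remaining stdin after it. The secret lives only in this shell's memory
# and in the pipe to sqlline.
run_sqlline() {
  url=$1 user=$2
  pw=$(read_password) || return 1
  if ! password_is_passable "$pw"; then
    echo 'password is empty or contains whitespace; use !connect inside sqlline instead' >&2
    return 1
  fi
  { connect_line "$url" "$user" "$pw"; cat; } | "$SQLLINE"
}

if [ "$#" -eq 2 ]; then
  run_sqlline "$1" "$2"
fi
```

Because sqlline then reads from a pipe rather than the terminal, readline-style editing in the session is lost; when that matters, the reporter's workaround (start sqlline with no credentials and type `!connect <url> <user>` so sqlline itself prompts) keeps both the prompt and line editing. Either way the password stays off the command line.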
