falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ajay Yadava (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (FALCON-1601) Make Falcon StateStore more secure by not disclosing imp params in startup.props
Date Wed, 23 Dec 2015 09:38:46 GMT

    [ https://issues.apache.org/jira/browse/FALCON-1601?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15069430#comment-15069430
] 

Ajay Yadava edited comment on FALCON-1601 at 12/23/15 9:38 AM:
---------------------------------------------------------------

Thanks for the patch [~pavan kumar] I have left some comments on reviewboard.

I wanted to hear everyone's thoughts on couple of things so I am starting a discussion here.

1. [~sandeep.samudrala] had suggested in an offline discussion that we should follow postgres's
approach of enforcing certain permissions on the file otherwise discarding it.

2. We should keep only one method of specifying the credentials, using the properties file
and disallow the other version where it picks credentials from startup.properties file.  I
think the startup.properties approach is a bad practice and Falcon shouldn't encourage by
supporting this option.




was (Author: ajayyadava):
Thanks for the patch [~pavan kumar] I have left some comments on reviewboard.

I wanted to hear everyone's thoughts on couple of things so I am starting a discussion here.

1. [~sandeep.samudrala] had suggested in an offline discussion that we should follow postgres's
of enforcing certain permissions on the file otherwise discarding it.

2. We should keep only one method of specifying the credentials, using the properties file
and disallow the other version where it picks credentials from startup.properties file.  I
think the startup.properties approach is a bad practice and Falcon shouldn't encourage by
supporting this option.



> Make Falcon StateStore more secure by not disclosing imp params in startup.props 
> ---------------------------------------------------------------------------------
>
>                 Key: FALCON-1601
>                 URL: https://issues.apache.org/jira/browse/FALCON-1601
>             Project: Falcon
>          Issue Type: Improvement
>            Reporter: pavan kumar kolamuri
>            Assignee: pavan kumar kolamuri
>         Attachments: FALCON-1601.patch
>
>
> We are bringing Falcon state Store DB for Native Scheduler as part of https://issues.apache.org/jira/browse/FALCON-1234,
We need to add more secureness by removing password properties from startup props and also
made this Statestore supports Mysql as well.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message