Date: Tue, 16 Aug 2016 22:44:20 +0000 (UTC)
From: "Hudson (JIRA)"
To: common-issues@hadoop.apache.org
Subject: [jira] [Commented] (HADOOP-13494) ReconfigurableBase can log sensitive information

    [ https://issues.apache.org/jira/browse/HADOOP-13494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15423532#comment-15423532 ]

Hudson commented on HADOOP-13494:
---------------------------------

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10286 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/10286/])
HADOOP-13494. ReconfigurableBase can log sensitive information. (wang: rev 4b689e7a758a55cec2ca8398727feefc8ac21bfd)
* (edit) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/CommonConfigurationKeysPublic.java
* (add) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfigRedactor.java
* (edit) hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
* (edit) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/ReconfigurableBase.java
* (add) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/ConfigRedactor.java

> ReconfigurableBase can log sensitive information
> ------------------------------------------------
>
>                 Key: HADOOP-13494
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13494
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.2.0
>            Reporter: Sean Mackrory
>            Assignee: Sean Mackrory
>             Fix For: 2.8.0, 3.0.0-alpha2
>
>         Attachments: HADOOP-13494.001.patch, HADOOP-13494.002.patch, HADOOP-13494.003.patch, HADOOP-13494.004.patch
>
>
> ReconfigurableBase will log old and new configuration values, which may cause sensitive parameters (most notably cloud storage keys, though there may be other instances) to get included in the logs.
> Given the currently small list of reconfigurable properties, an argument could be made for simply not logging the property values at all, but this is not the only instance where potentially sensitive configuration gets written somewhere else in plaintext. I think a generic mechanism for redacting sensitive information for textual display will be useful to some of the web UIs too.
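
The redaction idea from the issue description, sketched as an added example that is not part of the original message and is not Hadoop's ConfigRedactor. The class name, key patterns, property names and values are all assumptions constructed for illustration.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/** Hypothetical name-based redactor for log and UI output (illustrative only). */
public class KeyPatternRedactor {
    // Fixed marker: hides the value and its length.
    static final String REDACTED = "<redacted>";
    private final List<Pattern> sensitiveKeys = new ArrayList<>();

    /** Patterns are matched against the property NAME, never the value. */
    KeyPatternRedactor(String... keyRegexes) {
        for (String regex : keyRegexes) {
            sensitiveKeys.add(Pattern.compile(regex, Pattern.CASE_INSENSITIVE));
        }
    }

    /** Returns the value unchanged, or the marker if the key matches a pattern. */
    String redact(String key, String value) {
        if (value == null) {
            return null; // an unset property carries no secret to hide
        }
        for (Pattern p : sensitiveKeys) {
            if (p.matcher(key).find()) {
                return REDACTED;
            }
        }
        return value;
    }

    /** Builds a "property changed" line with old and new values both redacted. */
    String describeChange(String key, String oldVal, String newVal) {
        return String.format("Property %s changed from \"%s\" to \"%s\"",
            key, redact(key, oldVal), redact(key, newVal));
    }

    public static void main(String[] args) {
        // Assumed patterns and constructed sample properties, not real settings.
        KeyPatternRedactor r = new KeyPatternRedactor("password$", "secret", "\\.key$");
        Map<String, String[]> changes = new LinkedHashMap<>();
        changes.put("fs.example.secret.key", new String[] {"OLDKEY-constructed", "NEWKEY-constructed"});
        changes.put("dfs.example.volume.dirs", new String[] {"/data/1", "/data/1,/data/2"});
        changes.put("example.keystore.password", new String[] {null, "pw-constructed"});
        for (Map.Entry<String, String[]> e : changes.entrySet()) {
            System.out.println(r.describeChange(e.getKey(), e.getValue()[0], e.getValue()[1]));
        }
    }
}
```

Only the non-sensitive `dfs.example.volume.dirs` line prints its real old and new values; the other two print `<redacted>` for every non-null value, so a reconfiguration log of this shape stays useful for auditing without carrying the secrets.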