hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laszlo Pinter (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
Date Thu, 25 Oct 2018 11:48:00 GMT

    [ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663631#comment-16663631
] 

Laszlo Pinter commented on HIVE-20796:
--------------------------------------

[~pvary] We were thinking the same :). Is it ok if I put this method to the MetaStoreServerUtils
class? 

> jdbc URL can contain sensitive information that should not be logged
> --------------------------------------------------------------------
>
>                 Key: HIVE-20796
>                 URL: https://issues.apache.org/jira/browse/HIVE-20796
>             Project: Hive
>          Issue Type: Improvement
>          Components: Hive
>    Affects Versions: 4.0.0
>            Reporter: Laszlo Pinter
>            Assignee: Laszlo Pinter
>            Priority: Major
>         Attachments: HIVE-20796.01.patch
>
>
> It is possible to put passwords in the jdbc connection url and some jdbc drivers will
supposedly use that. (derby, mysql). This information is considered sensitive, and should
be masked out, while logging the connection url.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message