Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id DF0E4200C1E for ; Fri, 17 Feb 2017 18:15:47 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id DDBB3160B73; Fri, 17 Feb 2017 17:15:47 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 36416160B6D for ; Fri, 17 Feb 2017 18:15:47 +0100 (CET) Received: (qmail 67549 invoked by uid 500); 17 Feb 2017 17:15:46 -0000 Mailing-List: contact dev-help@kafka.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@kafka.apache.org Delivered-To: mailing list dev@kafka.apache.org Received: (qmail 67427 invoked by uid 99); 17 Feb 2017 17:15:46 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Feb 2017 17:15:46 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id CA0F3C0F54 for ; Fri, 17 Feb 2017 17:15:45 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=6.31 tests=[KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-2.999] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id Wa93cmzcgw2g for ; Fri, 17 Feb 2017 17:15:45 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 13BFD5FC6D for ; Fri, 17 Feb 2017 17:15:45 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 8EE84E07E3 for ; Fri, 17 Feb 2017 17:15:42 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id EAFCA24125 for ; Fri, 17 Feb 2017 17:15:41 +0000 (UTC) Date: Fri, 17 Feb 2017 17:15:41 +0000 (UTC) From: "Grant Henke (JIRA)" To: dev@kafka.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (KAFKA-4754) Correctly parse '=' characters in command line overrides MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 17 Feb 2017 17:15:48 -0000 [ https://issues.apache.org/jira/browse/KAFKA-4754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15872139#comment-15872139 ] Grant Henke commented on KAFKA-4754: ------------------------------------ {quote} This could expose the password to anyone who is able to run ps on the system, or look at the bash history. So I'm not sure that we should be concerned about the println {quote} I think its worth adding, just because 1 thing is wrong and a security hole ,doesn't mean we shouldn't close of fix others. If security were all or nothing we would be left with nothing. Often application logs are passed around aggregated and collected. Access to a machine to run ps or look at the history is a much lower concern than that. > Correctly parse '=' characters in command line overrides > -------------------------------------------------------- > > Key: KAFKA-4754 > URL: https://issues.apache.org/jira/browse/KAFKA-4754 > Project: Kafka > Issue Type: Bug > Affects Versions: 0.9.0.0 > Reporter: Grant Henke > Assignee: Grant Henke > > When starting Kafka with an override parameter via "--override my.parameter=myvalue". > If a value contains an '=' character it fails and exits with "Invalid command line properties:.." > Often passwords contain an '=' character so its important to support that value. -- This message was sent by Atlassian JIRA (v6.3.15#6346)