spark-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Graves (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SPARK-23850) We should not redact username|user|url from UI by default
Date Mon, 02 Apr 2018 18:48:00 GMT
Thomas Graves created SPARK-23850:
-------------------------------------

             Summary: We should not redact username|user|url from UI by default
                 Key: SPARK-23850
                 URL: https://issues.apache.org/jira/browse/SPARK-23850
             Project: Spark
          Issue Type: Bug
          Components: Web UI
    Affects Versions: 2.2.1
            Reporter: Thomas Graves


SPARK-22479 was filed to not print the log jdbc credentials, but in there they also added 
the username and url to be redacted.  I'm not sure why these were added and to me by default
these do not have security concerns.  It makes it more usable by default to be able to see
these things.  Users with high security concerns can simply add them in their configs.

Also on yarn just redacting url doesn't secure anything because if you go to the environment
ui page you see all sorts of paths and really its just confusing that some of its redacted
and other parts aren't.  If this was specifically for jdbc I think it needs to be just applied
there and not broadly.

If we remove these we need to test what the jdbc driver is going to log from SPARK-22479.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org


Mime
View raw message