[
https://issues.apache.org/jira/browse/AMBARI-2397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13686823#comment-13686823
]
Sumit Mohanty commented on AMBARI-2397:
---------------------------------------
Will this log the actual password or an encrypted one - in any case, do we need
these log?
-480,6 +479,7 @@ public class Configuration {
LOG.info("password=>"+dbpasswd);
@@ -117,6 +117,7 @@ public class MasterKeyServiceImpl implements
MasterKeyService {
+ LOG.debug("Master Key initialized: " + masterKey);
We can delete the IOException catch.
} catch (IOException e) {
LOG.error("Cannot read master key from file: " + keyPath);
e.printStackTrace();
+ } catch (Exception e) {
+ LOG.error("Cannot read master key from file: " + keyPath);
+ e.printStackTrace();
> Unencrypted master key stored in temporary file
> -----------------------------------------------
>
> Key: AMBARI-2397
> URL: https://issues.apache.org/jira/browse/AMBARI-2397
> Project: Ambari
> Issue Type: Bug
> Components: controller
> Affects Versions: 1.2.5
> Reporter: Siddharth Wagle
> Assignee: Siddharth Wagle
> Fix For: 1.2.5
>
> Attachments: AMBARI-2397.patch
>
>
> Master key in secure mode, when not persisted is passed between python
> process and JVM using temporary files. The key itself is stored in clear text
> and should be encrypted.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
