[
https://issues.apache.org/jira/browse/HADOOP-15325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16414568#comment-16414568
]
Konstantin Shvachko commented on HADOOP-15325:
----------------------------------------------
My comment from HADOOP-12862. I don't think this makes sense. It is like adding
an optional option to ignore an optional parameter.
People should just NOT put passwords in configs. We tolerate previously
introduced password parameters for backward compatibility. But we should not
add new password fields into configs.
> Add an option to make Configuration.getPassword() not to fallback to read
> passwords from configuration.
> -------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-15325
> URL: https://issues.apache.org/jira/browse/HADOOP-15325
> Project: Hadoop Common
> Issue Type: Improvement
> Components: conf
> Affects Versions: 2.6.0
> Reporter: Wei-Chiu Chuang
> Assignee: Zsolt Venczel
> Priority: Major
>
> HADOOP-10607 added a public API Configuration.getPassword() which reads
> passwords from credential provider and then falls back to reading from
> configuration if one is not available.
> This API has been used throughout Hadoop codebase and downstream
> applications. It is understandable for old password configuration keys to
> fallback to configuration to maintain backward compatibility. But for new
> configuration passwords that don't have legacy, there should be an option to
> _not_ fallback, because storing passwords in configuration is considered a
> bad security practice.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
