[ https://issues.apache.org/jira/browse/KAFKA-2629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15431717#comment-15431717 ]
ASF GitHub Bot commented on KAFKA-2629:
---------------------------------------

GitHub user SinghAsDev opened a pull request:

    https://github.com/apache/kafka/pull/1770

    WIP: KAFKA-2629: Enable getting passwords from an executable rathe…

    …r than passing plaintext password

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/SinghAsDev/kafka KAFKA-2629

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/kafka/pull/1770.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1770

----
commit 025e27eda77292279b6b9629e7bb69dda2cef5dd
Author: Ashish Singh <asi...@cloudera.com>
Date:   2016-08-16T23:16:38Z

    WIP: KAFKA-2629: Enable getting SSL password from an executable rather than passing plaintext password

----

> Enable getting SSL password from an executable rather than passing plaintext
> password
> -------------------------------------------------------------------------------------
>
>                 Key: KAFKA-2629
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2629
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 0.9.0.0
>            Reporter: Ashish K Singh
>            Assignee: Ashish K Singh
>
> Currently there are a couple of options to pass SSL passwords to Kafka, i.e.,
> via properties file or via command line argument. Both of these are not
> recommended security practices.
> * A password on a command line is a no-no: it's trivial to see that password
> just by using the 'ps' utility.
> * Putting a password into a file, and then passing the location to that file,
> is the next best option. The access to the file will be governed by unix
> access permissions which we all know and love. The downside is that the
> password is still just sitting there in a file, and those who have access can
> still see it trivially.
> * The most general, secure solution is to provide a layer of abstraction:
> provide functionality to get the password from "somewhere else". The most
> flexible and generic way to do this is to simply call an executable which
> returns the desired password.
> ** The executable is again protected with normal file system privileges
> ** The simplest form, a script that looks like "echo 'my-password'", devolves
> back to putting the password in a file
> ** A more interesting implementation could open up a local encrypted password
> store and extract the password from it
> ** A maximally secure implementation could contact an external secret manager
> with centralized control and audit functionality.
> ** In short: getting the password as the output of a script/executable is
> maximally generic and enables both simple and complex use cases.
> This JIRA intends to add a config param to enable passing an executable to
> Kafka for SSL passwords.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
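
The executable-based lookup described in the issue could look like the following sketch. It is an added example, not code from the pull request or from Kafka; the class `ExecPasswordProvider`, the method `fetch` and its timeout parameter are hypothetical. It assumes a POSIX file system and Java 9 or later.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.Arrays;
import java.util.Set;
import java.util.concurrent.*;

// Hypothetical helper, not Kafka's API: read a password from a provider executable's stdout.
public class ExecPasswordProvider {
    public static char[] fetch(String executable, long timeoutSec) throws Exception {
        Path path = Paths.get(executable).toRealPath();           // resolve symlinks before checking
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(path);
        // The provider is only as trustworthy as its file permissions: reject one
        // that group or other users could overwrite with their own program.
        if (perms.contains(PosixFilePermission.GROUP_WRITE)
                || perms.contains(PosixFilePermission.OTHERS_WRITE))
            throw new SecurityException("group/world-writable provider: " + path);
        // Argument vector, no shell; stderr is inherited so diagnostics never mix into the secret.
        Process p = new ProcessBuilder(path.toString())
                .redirectError(ProcessBuilder.Redirect.INHERIT).start();
        p.getOutputStream().close();                              // provider sees EOF on stdin
        // Drain stdout on another thread so a hung provider cannot block startup forever.
        CompletableFuture<byte[]> out = CompletableFuture.supplyAsync(() -> {
            try { return p.getInputStream().readAllBytes(); }
            catch (IOException e) { throw new CompletionException(e); }
        });
        if (!p.waitFor(timeoutSec, TimeUnit.SECONDS)) {
            p.destroyForcibly();
            throw new TimeoutException("provider did not exit within " + timeoutSec + "s");
        }
        if (p.exitValue() != 0) throw new IOException("provider exited with status " + p.exitValue());
        byte[] raw = out.get(timeoutSec, TimeUnit.SECONDS);
        CharBuffer chars = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(raw));
        Arrays.fill(raw, (byte) 0);                               // wipe the raw byte copy
        int end = chars.limit();                                  // strip the trailing newline of "echo"
        while (end > 0 && (chars.get(end - 1) == '\n' || chars.get(end - 1) == '\r')) end--;
        char[] password = new char[end];
        chars.get(password, 0, end);
        return password;
    }

    public static void main(String[] args) throws Exception {
        char[] pw = fetch(args[0], 10);                           // args[0]: path to the provider
        System.out.println("password length: " + pw.length);      // never log the value itself
        Arrays.fill(pw, '\0');
    }
}
```

Unlike a command-line argument, the secret here travels over a pipe and never appears in the process list shown by `ps`.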