[
https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14727675#comment-14727675
]
Wei Yan commented on OOZIE-2244:
--------------------------------
Thanks for the fix, [~venkatnrangan]. We also meet similar issue, as mentioned
in OOZIE-2340.
I'm thinking another approach which introduces a switch and users can decide
whether print the arguments out or not. This can help like: (1) at beginning we
may need to debug some code which needs the password info; (2) besides
password, the users may also don't want to disclose other sensitive info. But
one global switch may let us lose some debug information. No sure whether it is
a good idea that we introduce per-argument config, and all default configs are
"print it out". Users can mask some arguments by inputing a list of argument
names.
Thought? [~rkanter], [~jaydeepvishwakarma].
> Oozie should mask passwords in the logs when logging command arguments
> ----------------------------------------------------------------------
>
> Key: OOZIE-2244
> URL: https://issues.apache.org/jira/browse/OOZIE-2244
> Project: Oozie
> Issue Type: Bug
> Affects Versions: 4.1.0, 4.0.1
> Environment: All
> Reporter: Venkat Ranganathan
> Assignee: Venkat Ranganathan
> Priority: Critical
> Fix For: trunk
>
> Attachments: OOZIE-2244-no-prefix.patch
>
>
> Users have complained that oozie logging the password related argument values
> in the launcher log is a security hole and want it to be masked in the
> output. Even password aliases in keystore are considered to be a security
> hole.
> The fix is to mask any argument values if option name contains the string
> password (which is true for Sqoop). We do this in multiple places, in Sqoop
> main, in Launcher Mapper, in JavaMain as well.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
