[ https://issues.apache.org/jira/browse/IMPALA-4244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tim Armstrong updated IMPALA-4244: ---------------------------------- Target Version: Product Backlog > Impala should strip all strings from log output unless explicitly configured > to do so > ------------------------------------------------------------------------------------- > > Key: IMPALA-4244 > URL: https://issues.apache.org/jira/browse/IMPALA-4244 > Project: IMPALA > Issue Type: Improvement > Components: Frontend > Affects Versions: Impala 2.5.0 > Reporter: Laszlo Gaal > Priority: Major > Labels: security, supportability > > Currently there are multiple code locations where query text is written to > the logs. This is particularly bad when it happens before the query is > parsed, as there is no reliable way to identify strings in the query text due > to various quoting and escaping schemes. > Printing query text or text strings like this could leak sensitive > information into the logs. Particularly bad example (collected from the wild): > {code:java} > I0610 13:06:43.571676 2022 Frontend.java:818] analyze query SELECT user_id, > username, group_id FROM db.table WHERE username='USER' AND password='BAD'" > {code} > Totally forbidding the presence of query text in the logs would make it too > hard to debug or support Impala, so there should be a global switch governing > this behavior. > When the switch is set to disabling text printing, Impala should: > * not print unparsed query text to the logs; it should just print query IDs > * strip strings from the log output > When the switch is set to enabled Impala should > * print unparsed query text to the log > * let strings pass through to the logs, including parameter values, table > names, column names etc. > The default (unconfigured) state of this switch should be disabled. > Impala should probably indicate if the switch is set to enabled to warn the > user about possibly sensitive information being written to the logs. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org