[
https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14970194#comment-14970194
]
Sushanth Sowmyan commented on HIVE-9013:
----------------------------------------
Hi Binglin, thanks for your update. I think we could use two more minor changes:
a) It'd be good to have a .q test added to this that simply sets one hidden
variable and non-hidden variable, and then runs a set (to show all) and a set
on each of these individual variables (to show individual behaviour) - that
way, we'll have a .q.out test that we can check against in the future for
regressions.
b) There's another jira, HIVE-10518, which introduced behaviour to strip out
password details from a jobconf before passing it on. Could you please also
make a change, so that these two are integrated together better? i.e. The goal
behaviour for Utilities.stripHivePasswordDetails after your patch should not be
Utilities.stripHivePasswordDetails but Utilities.stripRestrictedConfigurations,
thereby stripping all other config params that match your new enum as well.
Thanks!
> Hive set command exposes metastore db password
> ----------------------------------------------
>
> Key: HIVE-9013
> URL: https://issues.apache.org/jira/browse/HIVE-9013
> Project: Hive
> Issue Type: Bug
> Affects Versions: 0.13.1
> Reporter: Binglin Chang
> Assignee: Binglin Chang
> Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch,
> HIVE-9013.4.patch
>
>
> When auth is enabled, we still need set command to set some variables(e.g.
> mapreduce.job.queuename), but set command alone also list all
> information(including vars in restrict list), this exposes like
> "javax.jdo.option.ConnectionPassword"
> I think conf var in the restrict list should also excluded from dump vars
> command.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
