[
https://issues.apache.org/jira/browse/HIVE-29523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18068924#comment-18068924
]
Stamatis Zampetakis commented on HIVE-29523:
--------------------------------------------
Hey [~victorlw] , if you believe that there is a security vulnerability in the
project please edit the ticket and change the security level to non-public.
Then enrich the description with more details on how the vulnerability can be
exploited and why you believe that it is a security risk. Once done contact the
Hive security team by sending an email at
[[email protected]|mailto:[email protected]] and provide the Jira
id of this ticket.
> Hive Session ID printed in plaintext.
> -------------------------------------
>
> Key: HIVE-29523
> URL: https://issues.apache.org/jira/browse/HIVE-29523
> Project: Hive
> Issue Type: Improvement
> Affects Versions: 3.1.0
> Reporter: liu wei
> Priority: Major
>
> The Hive code contains the Hive session ID, which may cause security risks.
> It is expected that the session ID is not printed.
> ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java
>
> the text is getConsole().printInfo("Hive Session ID = " + getSessionId());
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
