[ https://issues.apache.org/jira/browse/NIFI-3713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann reassigned NIFI-3713: -------------------------------------- Assignee: David Handermann (was: Andy LoPresto) > Examine logs to ensure that data is not leaked to logs when the corresponding > repository is encrypted > ----------------------------------------------------------------------------------------------------- > > Key: NIFI-3713 > URL: https://issues.apache.org/jira/browse/NIFI-3713 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core Framework > Reporter: Andy LoPresto > Assignee: David Handermann > Priority: Major > Labels: data-leak, logging, security > > I have noticed some of the logging statements (see {{LuceneEventIndex}}, > etc.) print the flowfile attributes or provenance event record contents. I > corrected some of these but the data can be useful for tracing and > diagnostics if it is not sensitive. It is difficult to determine if the > repository is encrypted without changing the method signatures and passing > additional information. This will need an exhaustive audit to ensure no data > leakage is occurring. -- This message was sent by Atlassian Jira (v8.20.1#820001)