Hello Attila Bukor, Kudu Jenkins, Abhishek Chennaka, KeDeng,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/20645
to look at the new patch set (#2).
Change subject: [fs] add redaction attribute for server key and its IV
......................................................................
[fs] add redaction attribute for server key and its IV
I noticed that the contents of the 'server_key' and 'server_key_iv'
fields of InstanceMetadataPB are printed in the logs when FSManager
opens the server's FS directory structure. Even if the server key
is encrypted with the master key, I think it's safer to redact those
in the logs since logs might be distributed among quite wide audience.
This fact inadvertently raises questions and concerns, even if those
aren't substantiated by any practical exploit scenario. Also, I could
not justify printing such information in the logs from the perspective
of troubleshooting in various scenarios, so it seemed quite natural to
redact those fields.
This change doesn't introduce any incompatibility with prior versions
since the redaction flag is a Kudu-specific attribute that only
controls the way how the contents of a fields is output by utilities
like SecureDebugString(), etc.
Change-Id: Ib2c896f23ef743ef440cf25829126e53b8976b0a
---
M src/kudu/fs/CMakeLists.txt
M src/kudu/fs/fs.proto
2 files changed, 7 insertions(+), 5 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/45/20645/2
--
To view, visit http://gerrit.cloudera.org:8080/20645
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ib2c896f23ef743ef440cf25829126e53b8976b0a
Gerrit-Change-Number: 20645
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Abhishek Chennaka <[email protected]>
Gerrit-Reviewer: Attila Bukor <[email protected]>
Gerrit-Reviewer: KeDeng <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
