[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] abhishek bafna updated OOZIE-2244: -- Fix Version/s: (was: trunk) 4.3.0 > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > Fix For: 4.3.0 > > Attachments: OOZIE-2244-01.patch, OOZIE-2244-no-prefix.patch > > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Venkat Ranganathan updated OOZIE-2244: -- Attachment: OOZIE-2244-01.patch Rebased to trunk > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > Fix For: trunk > > Attachments: OOZIE-2244-01.patch, OOZIE-2244-no-prefix.patch > > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Venkat Ranganathan updated OOZIE-2244: -- Attachment: OOZIE-2244-no-prefix.patch > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > Fix For: trunk > > Attachments: OOZIE-2244-no-prefix.patch > > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shwetha G S updated OOZIE-2244: --- Fix Version/s: (was: 4.2) > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > Fix For: trunk > > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bowen Zhang updated OOZIE-2244: --- Fix Version/s: 4.2 trunk > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > Fix For: trunk, 4.2 > > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (OOZIE-2244) Oozie should mask passwords in the logs when logging command arguments
[ https://issues.apache.org/jira/browse/OOZIE-2244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Venkat Ranganathan updated OOZIE-2244: -- Summary: Oozie should mask passwords in the logs when logging command arguments (was: Oozie should mask passwords in the logs when provided as command arguments) > Oozie should mask passwords in the logs when logging command arguments > -- > > Key: OOZIE-2244 > URL: https://issues.apache.org/jira/browse/OOZIE-2244 > Project: Oozie > Issue Type: Bug >Affects Versions: 4.1.0, 4.0.1 > Environment: All >Reporter: Venkat Ranganathan >Assignee: Venkat Ranganathan >Priority: Critical > > Users have complained that oozie logging the password related argument values > in the launcher log is a security hole and want it to be masked in the > output. Even password aliases in keystore are considered to be a security > hole. > The fix is to mask any argument values if option name contains the string > password (which is true for Sqoop). We do this in multiple places, in Sqoop > main, in Launcher Mapper, in JavaMain as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
