[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-09-02 Thread ruanhui (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17599561#comment-17599561
 ] 

ruanhui commented on HBASE-27320:
-

Thanks for the comment [~ndimiduk] . Luckily most of our users are not familiar 
with this, so it's so far so good.

> hide some sensitive configuration information in the UI
> ---
>
> Key: HBASE-27320
> URL: https://issues.apache.org/jira/browse/HBASE-27320
> Project: HBase
> Issue Type: Improvement
> Components: security, UI
> Affects Versions: 3.0.0-alpha-3
> Reporter: ruanhui
> Assignee: ruanhui
> Priority: Minor
> Fix For: 2.6.0, 2.5.1, 3.0.0-alpha-4, 2.4.15
>
>
> In the discussion about how to store keystore/truststore password securely, 
> [~bbeaudreault]  mentioned and I quote here
> "I agree that it seems insecure to put it directly into the hbase-site.xml. 
> Another reason is due to the RS UI which (helpfully) can print the entire 
> site configuration. We’d need to make sure the password is excluded from 
> that, but better to remove it from site xml altogether".
> I also felt that some sensitive information was exposed in the UI, for 
> example, if we set superuser in the hbase-site.xml, the non-admin users can 
> obtain superuser information and simulate superuser to perform some 
> non-permitted operations on the cluster. So I think maybe we should hide 
> this sensitive information in the UI.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
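
The exposure described in the issue, as an added example that is not HBase's code and not the change committed for HBASE-27320: a small operator-side check that masks sensitive properties before a site configuration is displayed and reports which raw values a rendered dump still contains. The key patterns, the `<redacted>` marker, the helper names and every sample property except `hbase.superuser` are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Assumed deny-list of key patterns (hypothetical, not HBase's own list).
SENSITIVE_KEY_PATTERNS = [
    re.compile(r"password", re.IGNORECASE),
    re.compile(r"secret", re.IGNORECASE),
    re.compile(r"(^|\.)superuser$", re.IGNORECASE),
]
REDACTED = "<redacted>"

# Constructed sample in the hbase-site.xml property format; values are made up.
SAMPLE_SITE_XML = """<?xml version="1.0"?>
<configuration>
  <property><name>hbase.superuser</name><value>ops_admin</value></property>
  <property><name>example.tls.keystore.password</name><value>changeit</value></property>
  <property><name>example.tls.keystore.location</name><value>/etc/hbase/ks.jks</value></property>
  <property><name>hbase.zookeeper.quorum</name><value>zk1,zk2,zk3</value></property>
</configuration>
"""

def is_sensitive(name):
    """True when the property name matches any deny-list pattern."""
    return any(p.search(name) for p in SENSITIVE_KEY_PATTERNS)

def parse_properties(xml_text):
    """Read <property><name/><value/></property> pairs into a dict."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def redact_for_display(props):
    """Copy of the configuration that is safe to render: sensitive values masked."""
    return {k: (REDACTED if is_sensitive(k) else v) for k, v in props.items()}

def leaked_values(props, rendered_page):
    """Sensitive keys whose raw value still appears in a rendered configuration dump."""
    return sorted(k for k, v in props.items()
                  if is_sensitive(k) and v and v in rendered_page)
```

Running `leaked_values` against the text a status page actually serves gives a regression check that masking has not been bypassed by a new property name.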


[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-29 Thread Nick Dimiduk (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17597201#comment-17597201
 ] 

Nick Dimiduk commented on HBASE-27320:
--

I'm surprised this is marked as an Improvement and not a Critical bug. 
Disclosing security information on the unsecured web UI seems like A Bad Thing.



[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread Hudson (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584630#comment-17584630
 ] 

Hudson commented on HBASE-27320:


Results for branch branch-2
[build #626 on 
builds.a.o|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2/626/]: 
(x) *{color:red}-1 overall{color}*

details (if available):

(/) {color:green}+1 general checks{color}
-- For more information [see general 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2/626/General_20Nightly_20Build_20Report/]


(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2/626/JDK8_20Nightly_20Build_20Report_20_28Hadoop2_29/]


(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2/626/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(x) {color:red}-1 jdk11 hadoop3 checks{color}
-- For more information [see jdk11 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2/626/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 source release artifact{color}
-- See build output for details.


(/) {color:green}+1 client integration test{color}




[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread Hudson (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584600#comment-17584600
 ] 

Hudson commented on HBASE-27320:


Results for branch branch-2.4
[build #416 on 
builds.a.o|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.4/416/]:
 (/) *{color:green}+1 overall{color}*

details (if available):

(/) {color:green}+1 general checks{color}
-- For more information [see general 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.4/416/General_20Nightly_20Build_20Report/]


(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.4/416/JDK8_20Nightly_20Build_20Report_20_28Hadoop2_29/]


(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.4/416/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 jdk11 hadoop3 checks{color}
-- For more information [see jdk11 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.4/416/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 source release artifact{color}
-- See build output for details.


(/) {color:green}+1 client integration test{color}




[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread Hudson (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584525#comment-17584525
 ] 

Hudson commented on HBASE-27320:


Results for branch master
[build #665 on 
builds.a.o|https://ci-hbase.apache.org/job/HBase%20Nightly/job/master/665/]: 
(x) *{color:red}-1 overall{color}*

details (if available):

(/) {color:green}+1 general checks{color}
-- For more information [see general 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/master/665/General_20Nightly_20Build_20Report/]




(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/master/665/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(x) {color:red}-1 jdk11 hadoop3 checks{color}
-- For more information [see jdk11 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/master/665/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 source release artifact{color}
-- See build output for details.


(/) {color:green}+1 client integration test{color}




[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread Hudson (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584442#comment-17584442
 ] 

Hudson commented on HBASE-27320:


Results for branch branch-2.5
[build #194 on 
builds.a.o|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.5/194/]:
 (x) *{color:red}-1 overall{color}*

details (if available):

(x) {color:red}-1 general checks{color}
-- For more information [see general 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.5/194/General_20Nightly_20Build_20Report/]


(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.5/194/JDK8_20Nightly_20Build_20Report_20_28Hadoop2_29/]


(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.5/194/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 jdk11 hadoop3 checks{color}
-- For more information [see jdk11 
report|https://ci-hbase.apache.org/job/HBase%20Nightly/job/branch-2.5/194/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/]


(/) {color:green}+1 source release artifact{color}
-- See build output for details.


(/) {color:green}+1 client integration test{color}




[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread Bryan Beaudreault (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584221#comment-17584221
 ] 

Bryan Beaudreault commented on HBASE-27320:
---

Nice, thanks [~frostruan]!



[jira] [Commented] (HBASE-27320) hide some sensitive configuration information in the UI

2022-08-24 Thread ruanhui (Jira)


[ 
https://issues.apache.org/jira/browse/HBASE-27320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17584088#comment-17584088
 ] 

ruanhui commented on HBASE-27320:
-

ok. Thanks for reviewing [~zhangduo] [~taklwu] .
