Vishnu Mohan created MESOS-7392:
-----------------------------------
Summary: Obfuscate authentication information logged by the
fetcher
Key: MESOS-7392
URL: https://issues.apache.org/jira/browse/MESOS-7392
Project: Mesos
Issue Type: Improvement
Components: fetcher
Affects Versions: 1.2.0, 1.1.1, 1.0.3
Reporter: Vishnu Mohan
As reported by Joseph Stevens on DC/OS Community Slack:
https://dcos-community.slack.com/archives/C10DCMHK4/p1492126723695465
{code}
So I've noticed that the Mesos Fetcher prints the URI it's using in plain text
to the stderr logs. This is a serious problem since if you're using something
like the mesos spark framework, it uses mesos fetcher under the hood, and the
only way to fetch authenticated resources is to pass the auth as part of the
URI. This means every time we start a job we're printing a username and
password into the task sandbox and consequently into anything that picks up
those logs from the agents. Could you guys change that so the password is
obfuscated on print when a URI has credentials inside it?
{code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
