Andy LoPresto created NIFI-3713:
-----------------------------------
Summary: Examine logs to ensure that data is not leaked to logs
when the corresponding repository is encrypted
Key: NIFI-3713
URL: https://issues.apache.org/jira/browse/NIFI-3713
Project: Apache NiFi
Issue Type: Sub-task
Components: Core Framework
Reporter: Andy LoPresto
Assignee: Andy LoPresto
I have noticed some of the logging statements (see {{LuceneEventIndex}}, etc.)
print the flowfile attributes or provenance event record contents. I corrected
some of these but the data can be useful for tracing and diagnostics if it is
not sensitive. It is difficult to determine if the repository is encrypted
without changing the method signatures and passing additional information. This
will need an exhaustive audit to ensure no data leakage is occurring.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
