[
https://issues.apache.org/jira/browse/KAFKA-4754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15872116#comment-15872116
]
Colin P. McCabe edited comment on KAFKA-4754 at 2/17/17 5:02 PM:
-----------------------------------------------------------------
bq. Its worth noting, it was also possible to echo out passwords on any error
in this code path via CommandLineUtils.parseKeyValueArgs:
System.err.println("Invalid command line properties: " + args.mkString(" "))
Hmm. It is not a good practice to pass passwords through the command line.
This could expose the password to anyone who is able to run {{ps}} on the
system, or look at the bash history. So I'm not sure that we should be
concerned about the {{println}}. In fact, we might want to issue a warning if
people do this with passwords...
was (Author: cmccabe):
bq. Its worth noting, it was also possible to echo out passwords on any error
in this code path via CommandLineUtils.parseKeyValueArgs:
System.err.println("Invalid command line properties: " + args.mkString(" "))
Hmm. It is not a good practice to pass passwords through the command line.
This could expose the password to anyone who is able to run {{ps}} on the
system, or look at the bash history. So I'm not sure that we should be
concerned about the {{println}}. In fact, we might want to deprecate the
{{\--password}} option.
> Correctly parse '=' characters in command line overrides
> --------------------------------------------------------
>
> Key: KAFKA-4754
> URL: https://issues.apache.org/jira/browse/KAFKA-4754
> Project: Kafka
> Issue Type: Bug
> Affects Versions: 0.9.0.0
> Reporter: Grant Henke
> Assignee: Grant Henke
>
> When starting Kafka with an override parameter via "--override
> my.parameter=myvalue".
> If a value contains an '=' character it fails and exits with "Invalid command
> line properties:.."
> Often passwords contain an '=' character so its important to support that
> value.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
