gaborgsomogyi commented on PR #26677: URL: https://github.com/apache/flink/pull/26677#issuecomment-2969668448
> Adding OBF password support significantly improves Flink's security by eliminating plaintext password exposure in config files. I don't see any increase because the stolen obfuscated passwords can be de-obfuscated on any machine which has java compiler. There are solutions which can be added to decrease the attack surface but that: * is encryption and not reversible obfuscation * has KMS system involved * has pluggable implementations -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
