[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged

Wed, 24 Oct 2018 07:13:17 -0700 


    [ 
https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662329#comment-16662329
 ] 

Laszlo Pinter commented on HIVE-20796:
--------------------------------------

Indeed is similar, but I was thinking of different scenario. In the 
hive-site.xml you can provide the connection url and the credentials as 
different entries
{code:xml}
<property>
<name>javax.jdo.option.ConnectionURL</name>
<value>jdbc:derby:memory:${test.tmp.dir}/junit_metastore_db;create=true</value>
</property>

<property> 
<name>javax.jdo.option.ConnectionUserName</name> 
<value>username</value> 
</property>

<property> 
<name>javax.jdo.option.ConnectionPassword</name> 
<value>password</value> 
</property>
{code}
But it is possible to specify the credentials as part of the connection url
{code:xml}
<property>
  <name>javax.jdo.option.ConnectionURL</name>
  
<value>jdbc:derby:memory:${test.tmp.dir}/junit_metastore_db;create=true;username=username;password=password</value>
</property>
  {code}
While overriding the default configuration values from jpox.properties, the old 
and new entries are logged out (ObjectStore#getDataSourceProps())
{code:java}
if (MetastoreConf.isPrintable(varName)) {
  LOG.debug("Overriding {} value {} from jpox.properties with {}",
    varName, prevVal, confVal);
}
{code}
Since the jdbc url is not marked as unprintable, all of it contents will be 
written to debug log. 

> jdbc URL can contain sensitive information that should not be logged
> --------------------------------------------------------------------
>
>                 Key: HIVE-20796
>                 URL: https://issues.apache.org/jira/browse/HIVE-20796
>             Project: Hive
>          Issue Type: Improvement
>          Components: Hive
>    Affects Versions: 4.0.0
>            Reporter: Laszlo Pinter
>            Assignee: Laszlo Pinter
>            Priority: Major
>
> It is possible to put passwords in the jdbc connection url and some jdbc 
> drivers will supposedly use that. (derby, mysql). This information is 
> considered sensitive, and should be masked out, while logging the connection 
> url.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to