[ https://issues.apache.org/jira/browse/KUDU-3448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17728447#comment-17728447 ]

ASF subversion and git services commented on KUDU-3448:
-------------------------------------------------------

Commit dfc016ada35c988d3eb7b96597ba4455c65335bc in kudu's branch 
refs/heads/master from Attila Bukor
[ https://gitbox.apache.org/repos/asf?p=kudu.git;h=dfc016ada ]

KUDU-3448 Move password retrieval to master init

Apparently, forks can be expensive, at least on some systems, which
makes fetching the password to encrypt/decrypt key materials whenever a
TSK or IPKI is generated or loaded into memory not ideal as it may cause
the server process to hang.

This patch moves the password retrieval to the master initialization
phase and the passwords are now stored in memory for later use.

Change-Id: I746e657ae8d295f5f34225d63686beea1dff6b7c
Reviewed-on: http://gerrit.cloudera.org:8080/19873
Tested-by: Attila Bukor <abu...@apache.org>
Reviewed-by: Alexey Serbin <ale...@apache.org>


> Store IPKI and TSK key material encrypted
> -----------------------------------------
>
>                 Key: KUDU-3448
>                 URL: https://issues.apache.org/jira/browse/KUDU-3448
>             Project: Kudu
>          Issue Type: Improvement
>            Reporter: Attila Bukor
>            Assignee: Attila Bukor
>            Priority: Critical
>              Labels: security
>
> Key material for IPKI TLS and TSK should be stored on disk securely, even 
> when user data is not encrypted. The symmetric encryption key should be 
> derived from a password using PBKDF2, which is a FIPS-approved KDF. The 
> masters should have a flag that expects a command which outputs the password 
> (similar to {{--webserver_private_key_password_cmd}}), that way the users 
> can integrate with an HSM or choose another way to provide the password 
> securely without storing it on a disk.
> Generating new keys or encrypting existing key material is outside the scope 
> of this ticket.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
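
The design described in the commit message and ticket above (run the password command once at initialization, keep the password in memory, derive the symmetric key with PBKDF2), shown as an added Python example that is not Kudu's code. The class name, the HMAC-SHA256 PRF, the iteration count, the per-key salt and the demo command are assumptions.

```python
import hashlib
import os
import shlex
import subprocess
import sys

# Constructed stand-in for a real password command (e.g. one that queries an HSM).
DEMO_CMD = shlex.join([sys.executable, "-c", "print('constructed-demo-password')"])


class KeyPasswordCache:
    """Hypothetical helper: fetch the password once at init, reuse it afterwards."""

    def __init__(self, password_cmd: str):
        self.forks = 0  # number of child processes spawned, for illustration
        # The only fork/exec happens here, during initialization.
        self._password = self._run(password_cmd)

    def _run(self, cmd: str) -> bytes:
        self.forks += 1
        # Argument vector, no shell: the command string is never shell-interpreted.
        proc = subprocess.run(shlex.split(cmd), check=True,
                              capture_output=True, timeout=30)
        password = proc.stdout.rstrip(b"\r\n")
        if not password:
            raise ValueError("password command produced no output")
        return password

    def derive_key(self, salt: bytes, iterations: int = 600_000,
                   length: int = 32) -> bytes:
        # PBKDF2-HMAC-SHA256 over the cached password; hash, iteration count
        # and key length are assumed values, not taken from the ticket.
        return hashlib.pbkdf2_hmac("sha256", self._password, salt,
                                   iterations, dklen=length)


if __name__ == "__main__":
    cache = KeyPasswordCache(DEMO_CMD)           # init phase: one fork
    for name in ("tsk", "ipki"):                 # later key load/generate events
        salt = os.urandom(16)                    # stored beside the ciphertext
        key = cache.derive_key(salt)
        print(name, len(key), "byte key, forks so far:", cache.forks)
```

The trade-off of this design is that the password stays in process memory for the lifetime of the server instead of being fetched on demand.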
