[ 
https://issues.apache.org/jira/browse/KAFKA-18371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Vadym Zhytkevych updated KAFKA-18371:
-------------------------------------
    Description: 
{code:java}
[2024-12-20 14:52:56,805] INFO Successfully configured topic-based RLMM with 
config: 
TopicBasedRemoteLogMetadataManagerConfig{clientIdPrefix='__remote_log_metadata_client_6',
 metadataTopicPartitionsCount=50, consumeWaitMs=120000, 
metadataTopicRetentionMs=-1, metadataTopicReplicationFactor=3, 
initializationRetryMaxTimeoutMs=120000, initializationRetryIntervalMs=100, 
commonProps={request.timeout.ms=10000, ssl.client.auth=none, 
ssl.keystore.location=/etc/kafka/ssl/keystore.p12, 
bootstrap.servers=server1:9094, security.protocol=SASL_SSL, password=CLEARTEXT, 
ssl.truststore.location=/etc/pki/java/cacerts, ssl.keystore.password=CLEARTEXT, 
sasl.mechanism=SCRAM-SHA-512, ssl.key.password=CLEARTEXT, 
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule 
required username="username" password="CLEARTEXT";, 
ssl.truststore.password=CLEARTEXT, …{code}
 

Issue is related to using toString() method of 
TopicBasedRemoteLogMetadataManagerConfig, that prints maps of consumerProps and 
producerProps without masking.

 

Current workaround: logger for class TopicBasedRemoteLogMetadataManagerConfig 
can be disabled to not expose sensitive data.

Expected behavior:  sensitive configuration data masked automatically in logs.

  was:
{code:java}
[2024-12-20 14:52:56,805] INFO Successfully configured topic-based RLMM with 
config: 
TopicBasedRemoteLogMetadataManagerConfig{clientIdPrefix='__remote_log_metadata_client_6',
 metadataTopicPartitionsCount=50, consumeWaitMs=120000, 
metadataTopicRetentionMs=-1, metadataTopicReplicationFactor=3, 
initializationRetryMaxTimeoutMs=120000, initializationRetryIntervalMs=100, 
commonProps={request.timeout.ms=10000, ssl.client.auth=none, 
ssl.keystore.location=/etc/kafka/ssl/keystore.p12, 
bootstrap.servers:9094=server1, security.protocol=SASL_SSL, password=CLEARTEXT, 
ssl.truststore.location=/etc/pki/java/cacerts, ssl.keystore.password=CLEARTEXT, 
sasl.mechanism=SCRAM-SHA-512, ssl.key.password=CLEARTEXT, 
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule 
required username="username" password="CLEARTEXT";, 
ssl.truststore.password=CLEARTEXT, …{code}
 

Issue is related to using toString() method of 
TopicBasedRemoteLogMetadataManagerConfig, that prints maps of consumerProps and 
producerProps without masking.

 

Current workaround: logger for class TopicBasedRemoteLogMetadataManagerConfig 
can be disabled to not expose sensitive data.

Expected behavior:  sensitive configuration data masked automatically in logs.


> TopicBasedRemoteLogMetadataManagerConfig exposes sensitive configuration data 
> in logs
> -------------------------------------------------------------------------------------
>
>                 Key: KAFKA-18371
>                 URL: https://issues.apache.org/jira/browse/KAFKA-18371
>             Project: Kafka
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 3.1.0
>            Reporter: Vadym Zhytkevych
>            Priority: Major
>
> {code:java}
> [2024-12-20 14:52:56,805] INFO Successfully configured topic-based RLMM with 
> config: 
> TopicBasedRemoteLogMetadataManagerConfig{clientIdPrefix='__remote_log_metadata_client_6',
>  metadataTopicPartitionsCount=50, consumeWaitMs=120000, 
> metadataTopicRetentionMs=-1, metadataTopicReplicationFactor=3, 
> initializationRetryMaxTimeoutMs=120000, initializationRetryIntervalMs=100, 
> commonProps={request.timeout.ms=10000, ssl.client.auth=none, 
> ssl.keystore.location=/etc/kafka/ssl/keystore.p12, 
> bootstrap.servers=server1:9094, security.protocol=SASL_SSL, 
> password=CLEARTEXT, ssl.truststore.location=/etc/pki/java/cacerts, 
> ssl.keystore.password=CLEARTEXT, sasl.mechanism=SCRAM-SHA-512, 
> ssl.key.password=CLEARTEXT, 
> sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule 
> required username="username" password="CLEARTEXT";, 
> ssl.truststore.password=CLEARTEXT, …{code}
>  
> Issue is related to using toString() method of 
> TopicBasedRemoteLogMetadataManagerConfig, that prints maps of consumerProps 
> and producerProps without masking.
>  
> Current workaround: logger for class TopicBasedRemoteLogMetadataManagerConfig 
> can be disabled to not expose sensitive data.
> Expected behavior:  sensitive configuration data masked automatically in logs.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
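
One way to get the expected behavior described in the issue, shown as an added example that is not part of the original report and not Kafka's own code: build a redacted copy of the property map before it reaches `toString()` or a logger. The class name, method names, the `[hidden]` placeholder and the key-name rule are assumptions made for this illustration.

```java
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.TreeMap;

// Added illustration; class and method names are hypothetical, not Kafka's.
public class RedactedConfigDemo {
    static final String HIDDEN = "[hidden]";

    // Assumption: a key is treated as sensitive when its name contains one of these fragments.
    static boolean isSensitive(String key) {
        String k = key.toLowerCase(Locale.ROOT);
        return k.contains("password") || k.contains("secret") || k.contains("jaas.config");
    }

    // Returns a sorted copy that is safe to hand to a logger; the input map is not modified.
    static Map<String, Object> redact(Map<String, ?> props) {
        Map<String, Object> safe = new TreeMap<>();
        for (Map.Entry<String, ?> e : props.entrySet()) {
            safe.put(e.getKey(), isSensitive(e.getKey()) ? HIDDEN : e.getValue());
        }
        return safe;
    }

    public static void main(String[] args) {
        // Constructed sample that mirrors the keys visible in the reported log line.
        Map<String, Object> commonProps = new LinkedHashMap<>();
        commonProps.put("bootstrap.servers", "server1:9094");
        commonProps.put("security.protocol", "SASL_SSL");
        commonProps.put("sasl.mechanism", "SCRAM-SHA-512");
        commonProps.put("password", "CLEARTEXT");
        commonProps.put("ssl.keystore.location", "/etc/kafka/ssl/keystore.p12");
        commonProps.put("ssl.keystore.password", "CLEARTEXT");
        commonProps.put("ssl.key.password", "CLEARTEXT");
        commonProps.put("ssl.truststore.password", "CLEARTEXT");
        commonProps.put("sasl.jaas.config",
            "org.apache.kafka.common.security.scram.ScramLoginModule required "
                + "username=\"username\" password=\"CLEARTEXT\";");

        // Before: the map's default toString() prints every value verbatim.
        System.out.println("before: Config{commonProps=" + commonProps + "}");

        // After: only the redacted copy is formatted into the log message.
        String safe = "Config{commonProps=" + redact(commonProps) + "}";
        System.out.println("after:  " + safe);

        if (safe.contains("CLEARTEXT")) {
            throw new AssertionError("secret value reached the log string");
        }
    }
}
```

Key-name matching misses secrets stored under unexpected names; a type-based check (for example against `ConfigDef.Type.PASSWORD`) or an allowlist of keys that may be logged is stricter.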
