hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ravi Prakash (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-13091) Beeline logs the username and password to the history file for connect commands
Date Fri, 19 Feb 2016 19:58:18 GMT

     [ https://issues.apache.org/jira/browse/HIVE-13091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ravi Prakash updated HIVE-13091:
--------------------------------
    Attachment: HIVE-13901.01.patch

Here's a patch which redacts the password AFTER it has been put in the history. I think this
is the wrong approach though. We really should never be accepting the password on the command
line. For instance if I forgot the {{!}} before the command, the password would still be logged
in the history file. I don't know how big a change that would be though....

> Beeline logs the username and password to the history file for connect commands
> -------------------------------------------------------------------------------
>
>                 Key: HIVE-13091
>                 URL: https://issues.apache.org/jira/browse/HIVE-13091
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 1.2.0
>            Reporter: Ravi Prakash
>            Assignee: Chinna Rao Lalam
>         Attachments: HIVE-13901.01.patch
>
>
> [~farisa] and [~tthompso] found that the beeline client also logs the username and password
from a connect command into the beeline history file (Usually found at ~/.beeline/history).
We should not be logging the password anywhere.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message