hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laszlo Pinter (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
Date Fri, 26 Oct 2018 10:34:00 GMT

     [ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Laszlo Pinter updated HIVE-20796:
---------------------------------
    Attachment: HIVE-20796.05.patch

> jdbc URL can contain sensitive information that should not be logged
> --------------------------------------------------------------------
>
>                 Key: HIVE-20796
>                 URL: https://issues.apache.org/jira/browse/HIVE-20796
>             Project: Hive
>          Issue Type: Improvement
>          Components: Hive
>    Affects Versions: 4.0.0
>            Reporter: Laszlo Pinter
>            Assignee: Laszlo Pinter
>            Priority: Major
>         Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, HIVE-20796.03.patch, HIVE-20796.04.patch,
HIVE-20796.05.patch
>
>
> It is possible to put passwords in the jdbc connection url and some jdbc drivers will
supposedly use that. (derby, mysql). This information is considered sensitive, and should
be masked out, while logging the connection url.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message