sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tuong Truong (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SENTRY-486) Add database password obfuscation support for sentry-site.xml
Date Wed, 01 Oct 2014 21:08:34 GMT

     [ https://issues.apache.org/jira/browse/SENTRY-486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Tuong Truong updated SENTRY-486:
--------------------------------
    Description: 
Currently, the db store database password is in plain-text in the sentry-site.xml file.  This
is a security issue.  We need to be able to support encrypted password in the config file.

We plan to add a couple of property into the sentry-site.xml file.  So in addition to the
existing:
  <property>
    <name>sentry.store.jdbc.user</name>
    <value>sentry</value>
  </property>
  <property>
    <name>sentry.store.jdbc.password</name>
    <value>test</value>
  </property>


we propose to add:

  <property>
    <name>sentry.store.jdbc.password.encrypted</name>
    <value>true</value>
  </property>
  <property>
    <name>sentry.store.jdbc.password.decrypt.class</name>
    <value>org.test.password.decrypt</value>
  </property>



  was:
Currently, the db store database password is in plain-text in the sentry-site.xml file.  This
is a security issue.  We need to be able to support encrypted password in the config file.

We plan to add a couple of property into the sentry-site.xml file:




> Add database password obfuscation support for sentry-site.xml
> -------------------------------------------------------------
>
>                 Key: SENTRY-486
>                 URL: https://issues.apache.org/jira/browse/SENTRY-486
>             Project: Sentry
>          Issue Type: Improvement
>    Affects Versions: 1.4.0
>            Reporter: Tuong Truong
>            Assignee: Tuong Truong
>              Labels: security
>   Original Estimate: 16h
>  Remaining Estimate: 16h
>
> Currently, the db store database password is in plain-text in the sentry-site.xml file.
 This is a security issue.  We need to be able to support encrypted password in the config
file.
> We plan to add a couple of property into the sentry-site.xml file.  So in addition to
the existing:
>   <property>
>     <name>sentry.store.jdbc.user</name>
>     <value>sentry</value>
>   </property>
>   <property>
>     <name>sentry.store.jdbc.password</name>
>     <value>test</value>
>   </property>
> we propose to add:
>   <property>
>     <name>sentry.store.jdbc.password.encrypted</name>
>     <value>true</value>
>   </property>
>   <property>
>     <name>sentry.store.jdbc.password.decrypt.class</name>
>     <value>org.test.password.decrypt</value>
>   </property>



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message