sqoop-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jarek Jarcec Cecho <jar...@apache.org>
Subject Re: Sqoop password expose
Date Wed, 07 May 2014 15:43:33 GMT
Hi Santosh,
what logs are you referring to? Sqoop never ever printed out password into it's logs.

There were however few instances where the password was available in the past by exploring
other means, such as:

* Mapreduce job.xml object - this got removed in 1.4.4 via SQOOP-914
* Oozie logs - this can be bypassed by using --password-file option that has been added in
1.4.4 again via SQOOP-914

Don't hesitate and let us know if you see another instance where the password is available!

Jarcec

On Mon, Apr 14, 2014 at 09:41:13PM +0800, Santosh Achhra wrote:
> Hello wonderful Sqoop Team,
> 
> I understand that SQOOP 2  has feature to encrypt passwords however at my
> workplace we won't be using Sqoop 2 for at least sometime.  As Sqoop
> exposes clear username and password in the job logs, our security team is
> not allowing us to use Sqoop. I was thinking if there is a way to remove
> the username and password from the log after data load to HDFS completes.
>  Can it be done ? or any other better method?
> 
> Good wishes,always !
> Santosh

Mime
View raw message