ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Semen Boikov (JIRA)" <j...@apache.org>
Subject [jira] [Created] (IGNITE-4167) Add an option to avoid printing out sensitive data into logs
Date Thu, 03 Nov 2016 10:44:58 GMT
Semen Boikov created IGNITE-4167:

             Summary: Add an option to avoid printing out sensitive data into logs
                 Key: IGNITE-4167
                 URL: https://issues.apache.org/jira/browse/IGNITE-4167
             Project: Ignite
          Issue Type: Improvement
            Reporter: Denis Kholodov

We are seeing sensitive cache data being output in ignite debug logging. I've tracked it down
to at least two places:

1. GridToStringBuilder uses reflection to print all fields in cache objects that are not annotated
with @GridToStringExclude
2. GridCacheMapEntry does a direct toString() call on the value objects in a debug log

As a fabric platform, we won't always have control over the object classes being added to/retrieved
from the cache.

We must always assume that all keys and values are sensitive and should not be outputted in
logs except in local debugging situations. To this end, we need a configuration option (turned
OFF by default) that allows keys/values to be written to log messages.


This message was sent by Atlassian JIRA

View raw message