[FLINK-21196] Sensitive information(password) is in plain text format in flink-conf.yaml configuration file - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Not a Priority
Resolution: Unresolved
Affects Version/s: 1.10.0, 1.11.3
Fix Version/s: None
Component/s: Deployment / Scripts
Labels:
- auto-deprioritized-major
- auto-deprioritized-minor

Description

When ssecurit settings are enabled in flink configuration passwords information will be wriiten in flink-conf.yaml file as a plain text. If any attacker is able to access this file can use these paswords to decrypt the files. Hence secure mechanism is required to mask these senstive information from flink-conf.yaml file.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Suchithra V N

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29/Jan/21 03:46

Updated:: 06/Nov/21 10:39