[HIVE-9013] Hive set command exposes metastore db password - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.13.1
Fix Version/s: 1.2.2, 1.3.0, 2.0.0
Component/s: None
Labels:
- TODOC1.2
- TODOC1.3

Description

When auth is enabled, we still need set command to set some variables(e.g. mapreduce.job.queuename), but set command alone also list all information(including vars in restrict list), this exposes like "javax.jdo.option.ConnectionPassword"
I think conf var in the restrict list should also excluded from dump vars command.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-9013.1.patch
03/Dec/14 13:03
2 kB
Binglin Chang
HIVE-9013.2.patch
04/Dec/14 03:18
3 kB
Binglin Chang
HIVE-9013.3.patch
05/Dec/14 04:03
5 kB
Binglin Chang
HIVE-9013.4.patch
22/Oct/15 15:49
4 kB
Binglin Chang
HIVE-9013.5.patch
23/Oct/15 09:02
12 kB
Binglin Chang
HIVE-9013.5.patch
24/Oct/15 04:22
12 kB
Thejas Nair
HIVE-9013.5.patch-branch1
26/Oct/15 19:15
12 kB
Sushanth Sowmyan
HIVE-9013.5.patch-branch1.2
26/Oct/15 20:48
12 kB
Sushanth Sowmyan

Issue Links

incorporates

HIVE-11670 Strip out password information from TezSessionState configuration

Closed

is related to

HIVE-12345 Followup for HIVE-9013 : Hidden conf vars still visible through beeline

Closed

relates to

HIVE-25929 Let secret config properties to be propagated to Tez

Resolved

supercedes

HIVE-10508 Strip out password information from config passed to Tez/MR in cases where password encryption is not used

Closed

links to

RB link

Activity

People

Assignee:: Binglin Chang

Reporter:: Binglin Chang

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 03/Dec/14 12:48

Updated:: 06/Feb/22 10:33

Resolved:: 26/Oct/15 18:44