potiuk commented on code in PR #32089:
URL: https://github.com/apache/airflow/pull/32089#discussion_r1241225367
##########
airflow/providers/vertica/hooks/vertica.py:
##########
@@ -46,5 +46,41 @@ def get_conn(self) -> connect:
else:
conn_config["port"] = int(conn.port)
+ bool_options = ["connection_load_balance", "binary_transfer",
"disable_copy_local", "request_complex_types", "use_prepared_statements"]
+ std_options = ["session_label", "backup_server_node",
"kerberos_host_name", "kerberos_service_name", "log_path", "unicode_error",
"workload", "ssl"]
Review Comment:
I carefeully looked at the parameters passed, and I think being able to set
log_path from extra is potentially dangerous and we've learned that we should
carefully look at the parameters that you pass from connection definition.
Users who have the rights to edit the connection should not have some
additional priviledges, and there is a subtle exception here in "log_path".
Enabling log_path to be set "freely" opens the doors to a subtle security
issue, where you could override some files by setting the log path when you
configure the connecion to point to a file that you want to override. I
personally think that we should not allow log_path setting at all and leave it
with the default "vertica_python.log" in default director
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
