[jira] [Commented] (AIRFLOW-6348) security - cli.py is currently printing logs with password if you use cli to add connection with conn_password

Fri, 27 Dec 2019 02:49:52 -0800 


    [ 
https://issues.apache.org/jira/browse/AIRFLOW-6348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17004089#comment-17004089
 ] 

ASF GitHub Bot commented on AIRFLOW-6348:
-----------------------------------------

potiuk commented on pull request #6915: [AIRFLOW-6348] security - cli.py is 
currently printing logs with pass…
URL: https://github.com/apache/airflow/pull/6915
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


> security - cli.py is currently printing logs with password if you use cli to 
> add connection with conn_password
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AIRFLOW-6348
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6348
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: cli
>    Affects Versions: 1.10.6
>            Reporter: t oo
>            Assignee: t oo
>            Priority: Major
>
> cli.py is currently printing logs with password if you use cli to add 
> connection with conn_password.
> example log is being printed (this is issue if you have a auto-logforwarder 
> like splunk)
> Successfully added `conn_id`=query_hive : 
> hive_cli://user:cleartextpassw@host:10000/default
>  
> relevant code doing the printing:
> with db.create_session() as session:
> if not (session.query(Connection)
> .filter(Connection.conn_id == new_conn.conn_id).first()):
> session.add(new_conn)
> msg = '\n\tSuccessfully added `conn_id`=\{conn_id} : \{uri}\n'
> msg = msg.format(conn_id=new_conn.conn_id,
> uri=args.conn_uri or
> urlunparse((args.conn_type,
> '\{login}:\{password}@\{host}:\{port}'
> .format(login=args.conn_login or '',
> password=args.conn_password or '',
> host=args.conn_host or '',
> port=args.conn_port or ''),
> args.conn_schema or '', '', '', '')))
>  
> [https://github.com/apache/airflow/blob/v1-10-stable/airflow/bin/cli.py#L1325]
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to