Joy Gao created AIRFLOW-2311:
--------------------------------

             Summary: Environment variables from the scheduler process are 
accessible to dag execution
                 Key: AIRFLOW-2311
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2311
             Project: Apache Airflow
          Issue Type: Bug
          Components: security
            Reporter: Joy Gao


Currently, environment variables are accessible to dag execution for both 
LocalExecutor and CeleryExecutor (from the machine/container where `airflow 
scheduler` process is running on)

I believe it is a potential security concern on the whole by passing down all 
environment variables to task execution, which sometimes include sensitive 
credentials. This means that it is the responsibility of (1) the airflow admin 
to not store sensitive data in environment variables in production or (2) the 
dag maintainer to properly audit the dag file and make sure it is not 
malicious. (1) seems very hard to guarantee (2) seems easier, but not foolproof.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to