Joy Gao updated AIRFLOW-2311:
    Summary: Environment variables are accessible to dag execution  (was: 
Environment variables from the scheduler process are accessible to dag 

> Environment variables are accessible to dag execution
> -----------------------------------------------------
>                 Key: AIRFLOW-2311
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2311
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: security
>            Reporter: Joy Gao
>            Priority: Major
> Currently, environment variables are accessible to dag execution for both 
> LocalExecutor and CeleryExecutor (from the machine/container where `airflow 
> scheduler` process is running on)
> I believe it is a potential security concern on the whole by passing down all 
> environment variables to task execution, which sometimes include sensitive 
> credentials. This means that it is the responsibility of (1) the airflow 
> admin to not store sensitive data in environment variables in production or 
> (2) the dag maintainer to properly audit the dag file and make sure it is not 
> malicious. (1) seems very hard to guarantee (2) seems easier, but not 
> foolproof.

This message was sent by Atlassian JIRA

Reply via email to