[ https://issues.apache.org/jira/browse/AIRFLOW-2311?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joy Gao updated AIRFLOW-2311: ----------------------------- Summary: Environment variables are accessible to dag execution (was: Environment variables from the scheduler process are accessible to dag execution) > Environment variables are accessible to dag execution > ----------------------------------------------------- > > Key: AIRFLOW-2311 > URL: https://issues.apache.org/jira/browse/AIRFLOW-2311 > Project: Apache Airflow > Issue Type: Bug > Components: security > Reporter: Joy Gao > Priority: Major > > Currently, environment variables are accessible to dag execution for both > LocalExecutor and CeleryExecutor (from the machine/container where `airflow > scheduler` process is running on) > I believe it is a potential security concern on the whole by passing down all > environment variables to task execution, which sometimes include sensitive > credentials. This means that it is the responsibility of (1) the airflow > admin to not store sensitive data in environment variables in production or > (2) the dag maintainer to properly audit the dag file and make sure it is not > malicious. (1) seems very hard to guarantee (2) seems easier, but not > foolproof. -- This message was sent by Atlassian JIRA (v7.6.3#76005)