Dmitrii Saprykin created CASSANDRA-9972:
-------------------------------------------
Summary: Make node tool command take a password file (2.0.x)
Key: CASSANDRA-9972
URL: https://issues.apache.org/jira/browse/CASSANDRA-9972
Project: Cassandra
Issue Type: Improvement
Reporter: Dmitrii Saprykin
Assignee: Clément Lardeur
Priority: Trivial
Fix For: 2.1 beta1
Attachments: cassandra-2.0-6660.patch, trunk-6660-v1.patch,
trunk-6660-v2.patch, trunk-6660-v3.patch
We are sending the jmx password in the clear to the node tool command in
production. This is a security risk. Any one doing a 'ps' can see the clear
password. Can we change the node tool command to also take a password file
argument. This file will list the JMX user and passwords. Example below:
cat /cassandra/run/10003004.jmxpasswd
monitorRole abc
controlRole def
Based on the user name provided, node tool can pick up the right password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
