[
https://issues.apache.org/jira/browse/CASSANDRA-12411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15412515#comment-15412515
]
Brad Vernon commented on CASSANDRA-12411:
-----------------------------------------
Couldn't cqlsh just ignore for those cql commands that use the pattern "WITH
PASSWORD '.*'" and if matched via RegEx don't store in the history or replace
with the common *****. It would only match on CREATE USER, ALTER USER and
CREATE ROLE commands.
If using a standard non-User/role based command like INSERT or UPDATE logging
would make sense since there is no understanding that the command being run is
specific to a C* User's login, but in the above cases it's known.
> Do not store passwords in .cassandra/cqlsh_history
> --------------------------------------------------
>
> Key: CASSANDRA-12411
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12411
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: jonathan lacefield
>
> This is a request to ensure that passwords are not stored in the
> cqlsh_history file.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
