[ https://issues.apache.org/jira/browse/SAMZA-589?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14354049#comment-14354049 ]
Chris Riccomini commented on SAMZA-589:
---------------------------------------

bq. Although authentication wouldn't prevent these values from being logged.

Ya. In secure-YARN, they lock down the logs directories to be 600, so no one can see them except the user that started the job.

bq. Additionally, even in the case where authentication for, say, the AM UI was required, it would be nice to mask sensitive values by default.

I agree, masking would be handy, even if we end up with secure Hadoop.

> Need a way to flag sensitive information in Config
> --------------------------------------------------
>
>                 Key: SAMZA-589
>                 URL: https://issues.apache.org/jira/browse/SAMZA-589
>             Project: Samza
>          Issue Type: Bug
>          Components: container
>    Affects Versions: 0.8.0
>            Reporter: Tommy Becker
>             Fix For: 0.10.0
>
>
> Currently, the full contents of a job's Config are exposed in at least a
> couple of places including the logs (logged by SamzaContainer), and the
> ApplicationMaster UI's config page. There is a security concern with doing
> that if sensitive information (e.g. credentials) is stored there. It would
> be nice to be able to mark sensitive config values so that they are not
> displayed in such ways. The only thing that springs to mind is a special
> naming convention, perhaps a "sensitive" prefix that would identify these
> values. Ideally such a capability would be baked into Config itself, but
> minimally Samza code that exposes Config could be made aware of the
> convention to avoid displaying the plaintext of sensitive values.
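Added example (not from the thread and not Samza's own code): the naming convention proposed in the issue, applied inside a config wrapper so that anything that logs or renders the config sees masked values while the job still reads the real ones. The class name MaskingConfig, the literal prefix "sensitive." and the sample keys and values are assumptions made for illustration.

```java
import java.util.Collections;
import java.util.Map;
import java.util.TreeMap;

// Hypothetical wrapper, not part of Samza: keeps real values for the job,
// but every display path (toString, sanitized) masks flagged keys.
public class MaskingConfig {
    // Assumed spelling of the "sensitive" prefix suggested in the issue.
    static final String SENSITIVE_PREFIX = "sensitive.";
    // Fixed-length mask so the output does not reveal the secret's length.
    static final String MASK = "********";

    private final Map<String, String> values;

    MaskingConfig(Map<String, String> values) {
        this.values = new TreeMap<>(values); // defensive, sorted copy
    }

    // Real value, for code that actually needs the credential.
    String get(String key) {
        return values.get(key);
    }

    // Read-only copy that is safe to hand to a logger or a UI config page.
    Map<String, String> sanitized() {
        Map<String, String> safe = new TreeMap<>();
        for (Map.Entry<String, String> e : values.entrySet()) {
            boolean flagged = e.getKey().startsWith(SENSITIVE_PREFIX);
            safe.put(e.getKey(), flagged ? MASK : e.getValue());
        }
        return Collections.unmodifiableMap(safe);
    }

    // Masking by default: string concatenation in a log call cannot leak.
    @Override
    public String toString() {
        return sanitized().toString();
    }

    public static void main(String[] args) {
        Map<String, String> raw = new TreeMap<>();
        raw.put("job.name", "example-job");               // constructed sample
        raw.put("sensitive.db.password", "not-a-real-pw"); // constructed sample
        MaskingConfig config = new MaskingConfig(raw);
        System.out.println("Config: " + config);
        System.out.println("Job still reads the real value: "
                + "not-a-real-pw".equals(config.get("sensitive.db.password")));
    }
}
```

Putting the mask in toString() covers the "baked into Config itself" case from the issue; a caller that iterates the raw map directly would still need to go through sanitized().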