[
https://issues.apache.org/jira/browse/HADOOP-14833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mingliang Liu updated HADOOP-14833:
-----------------------------------
Resolution: Fixed
Hadoop Flags: Reviewed
Fix Version/s: 3.3.0
Release Note:
After this patch, the S3A connector no longer supports username and secrets in
URLs of the form `s3a://key:secret@bucket/`. It is near-impossible to stop
those secrets being logged —which is why a warning has been printed since
Hadoop 2.8 whenever such a URL was used.
Fix: use a more secure mechanism to pass down the secrets.
Status: Resolved (was: Patch Available)
Committed to {{trunk}} branch. Thanks [[email protected]] for your
contribution.
> Remove s3a user:secret authentication
> -------------------------------------
>
> Key: HADOOP-14833
> URL: https://issues.apache.org/jira/browse/HADOOP-14833
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Affects Versions: 3.0.0-beta1
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Major
> Fix For: 3.3.0
>
> Attachments: HADOOP-14833-001.patch, HADOOP-14833-002.patch
>
>
> Remove the s3a://user:secret@host auth mechanism from S3a.
> As well as being insecure, it causes problems with S3Guard's URI matching
> code.
> Proposed: cull it utterly. We've been telling people to stop using it since
> HADOOP-3733
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
