[
https://issues.apache.org/jira/browse/HADOOP-17510?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Shilun Fan updated HADOOP-17510:
--------------------------------
Component/s: security
Hadoop Flags: Reviewed
> Hadoop prints sensitive Cookie information.
> -------------------------------------------
>
> Key: HADOOP-17510
> URL: https://issues.apache.org/jira/browse/HADOOP-17510
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 3.3.0
> Reporter: Renukaprasad C
> Assignee: Renukaprasad C
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.3.1, 3.4.0, 2.10.2, 3.2.3
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> org.apache.hadoop.security.authentication.client.AuthenticatedURL.AuthCookieHandler#setAuthCookie
> - prints cookie information in log. Any sensitive infomation in Cookies will
> be logged, which needs to be avaided.
> LOG.trace("Setting token value to {} ({})", authCookie, oldCookie);
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
