[jira] [Commented] (FLUME-2954) make raw data appearing in log messages explicit

Mon, 29 Aug 2016 12:31:39 -0700 

    [ 
https://issues.apache.org/jira/browse/FLUME-2954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15446831#comment-15446831
 ] 

ASF subversion and git services commented on FLUME-2954:
--------------------------------------------------------

Commit 3ad7d276462cf9a620888ca8dbc8541f0f02bbc1 in flume's branch 
refs/heads/trunk from [~sati]
[ https://git-wip-us.apache.org/repos/asf?p=flume.git;h=3ad7d27 ]

FLUME-2954. Make raw data appearing in log messages explicit

Flume has built-in functionality to log data flowing through, mainly for
debugging purposes. This functionality appears in several places in the
code base. Such functionality can raise security concerns in production
environments where sensitive information might be ingested so it is
crucial that enabling such functionality be as explicit as possible.

This patch adds two system properties, one to enable logging of Flume
configuration properties and one to enable logging of raw data. If they
are not set, these items are never logged at any log4j logging level.

(Attila Simon via Mike Percy)


> make raw data appearing in log messages explicit
> ------------------------------------------------
>
>                 Key: FLUME-2954
>                 URL: https://issues.apache.org/jira/browse/FLUME-2954
>             Project: Flume
>          Issue Type: Improvement
>          Components: Channel, Configuration, Sinks+Sources
>    Affects Versions: v1.6.0
>            Reporter: Attila Simon
>            Assignee: Attila Simon
>            Priority: Critical
>             Fix For: v1.7.0
>
>         Attachments: FLUME-2954-4.patch
>
>
> Flume has built in functionality to log out data flowing through
> mainly for debugging purposes. This functionality appears in several
> places of the codebase. I think such functionality rise security
> concerns in production environments where sensitive information might
> be ingested so it is crucial that enabling such functionality has to
> be as explicit as possible (avoid implicit side effect setup).
> Eg: setting the level of root logger to debug/trace cause that every
> other logger will start logging at debug/trace including the ones
> logging raw data.
> In this jira I would like to provide a patch capturing how I imagined solving 
> this issue. It can be refined iteratively or used as a basis for a broader 
> discussion.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to