Re: Review Request 68710: HIVE-20544: TOpenSessionReq logs password and username

Karen Coppage via Review Board Mon, 24 Sep 2018 07:02:16 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68710/
-----------------------------------------------------------


(Updated Sept. 24, 2018, 2:01 p.m.)


Review request for hive and Laszlo Pinter.


Changes
-------

Fixed typo in last diff


Bugs: HIVE-20544
    https://issues.apache.org/jira/browse/HIVE-20544


Repository: hive-git


Description
-------

TOpenSessionReq, if client protocol is unset, both username and password are 
logged. Logging a password is a security risk. This patch would hide it with 
asterisks.


Diffs (updated)
-----

  service-rpc/pom.xml d6a07a55bc 
  
service-rpc/src/gen/thrift/gen-javabean/org/apache/hive/service/rpc/thrift/TOpenSessionReq.java
 3195e704f3 


Diff: https://reviews.apache.org/r/68710/diff/5/

Changes: https://reviews.apache.org/r/68710/diff/4-5/


Testing
-------


File Attachments (updated)
----------------

HIVE-20544.3.patch
  
https://reviews.apache.org/media/uploaded/files/2018/09/24/9f8ef0d8-22df-40cf-a311-56335d88516a__HIVE-20544.3.patch
HIVE-20544.3.patch
  
https://reviews.apache.org/media/uploaded/files/2018/09/24/afdfc085-cc06-4a47-81f8-499029719bd0__HIVE-20544.3.patch


Thanks,

Karen Coppage

Re: Review Request 68710: HIVE-20544: TOpenSessionReq logs password and username

Reply via email to