Sailesh Mukil has posted comments on this change. Change subject: IMPALA-3859: Don't log file data on parse errors ......................................................................
Patch Set 1: (1 comment) +1 for this patch. The following is an excerpt from a mail in the embedded-paranoids mailing list: """ This is obvious, but bears repeating: if you think it might be sensitive, don't put it in a log file! OK, so most people know that. But what counts as sensitive? - Passwords - Any sort of secret key, token, or thing you wouldn't want made public - PII - Personally identifiable information - Any customer data """ It's a good security practice and I feel that we should start fixing these small things that would help with maintaining good security standards. I've not benefitted from these logs anyhow, but there might be others that have. If there are people whose debugging benefits from these logs, they should speak up and we can parley. http://gerrit.cloudera.org:8080/#/c/3646/1/be/src/exec/hdfs-scanner.h File be/src/exec/hdfs-scanner.h: PS1, Line 335: This is called : /// from ReportTupleParseError() This makes it seem like it's only called from ReportTupleParseError(). It's also called from HdfsTextScanner::WriteFields() though. -- To view, visit http://gerrit.cloudera.org:8080/3646 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I5a604f8784a9ff7b4bf878f82ee7f56697df3272 Gerrit-PatchSet: 1 Gerrit-Project: Impala Gerrit-Branch: cdh5-trunk Gerrit-Owner: Henry Robinson <[email protected]> Gerrit-Reviewer: Henry Robinson <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-HasComments: Yes
