[ https://issues.apache.org/jira/browse/KAFKA-4754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15872139#comment-15872139 ]
Grant Henke commented on KAFKA-4754: ------------------------------------ {quote} This could expose the password to anyone who is able to run ps on the system, or look at the bash history. So I'm not sure that we should be concerned about the println {quote} I think its worth adding, just because 1 thing is wrong and a security hole ,doesn't mean we shouldn't close of fix others. If security were all or nothing we would be left with nothing. Often application logs are passed around aggregated and collected. Access to a machine to run ps or look at the history is a much lower concern than that. > Correctly parse '=' characters in command line overrides > -------------------------------------------------------- > > Key: KAFKA-4754 > URL: https://issues.apache.org/jira/browse/KAFKA-4754 > Project: Kafka > Issue Type: Bug > Affects Versions: 0.9.0.0 > Reporter: Grant Henke > Assignee: Grant Henke > > When starting Kafka with an override parameter via "--override > my.parameter=myvalue". > If a value contains an '=' character it fails and exits with "Invalid command > line properties:.." > Often passwords contain an '=' character so its important to support that > value. -- This message was sent by Atlassian JIRA (v6.3.15#6346)