InvisibleProgrammer opened a new pull request, #5709: URL: https://github.com/apache/hive/pull/5709
It removes the following sensitive properties from tables created with JdbcStorageHandler: - hive.sql.dbcp.username - hive.sql.dbcp.password - hive.sql.jdbc.url ### Why are the changes needed? Explain extended can cause a security issue if they query sys tables: Sys tables are created with JdbcStorageHandler and so that, the output of explain extended will contain sensitive jdbc connection info. ### Does this PR introduce _any_ user-facing change? Yes, it removes the listed properties from explain extended output when a JdbcStorageHandler table is included in a query. ### Is the change a dependency upgrade? No ### How was this patch tested? QTest added: explain_systest_password.q -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org For additional commands, e-mail: gitbox-h...@hive.apache.org
