[
https://issues.apache.org/jira/browse/HDFS-15805?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17275558#comment-17275558
]
Renukaprasad C commented on HDFS-15805:
---------------------------------------
Either we can log the message without Cookie information or can delete the
complete logging.
Message has no significant information, can be deleted completely. So,
uploading patch with deleting the line.
> Hadoop prints sensitive Cookie information.
> -------------------------------------------
>
> Key: HDFS-15805
> URL: https://issues.apache.org/jira/browse/HDFS-15805
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 3.1.1
> Reporter: Renukaprasad C
> Assignee: Renukaprasad C
> Priority: Major
>
> org.apache.hadoop.security.authentication.client.AuthenticatedURL.AuthCookieHandler#setAuthCookie
> - prints cookie information in log. Any sensitive infomation in Cookies will
> be logged, which needs to be avaided.
> LOG.trace("Setting token value to {} ({})", authCookie, oldCookie);
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
